[VIM] Verified: arabhost function.php RFI
Heinbockel, Bill
heinbockel at mitre.org
Tue Feb 27 09:13:28 EST 2007
BUGTRAQ:20070222 Hasadya Raed
http://www.securityfocus.com/archive/1/archive/1/460933/100/0/threaded
> B.File :
> function.php
>
> V.Code :
> include($adminfloder");
>
> Expl :
> http://www.victim.com/path/function.php?adminfolder=[Shell-Attack]
Since the script download at
http://delmaa.com/upfile/users/arabHost.zip
is currently 404, I'll refer to the Google Code cache of
arabHost/function.php:
http://www.google.com/codesearch?hl=en&q=show:y_09L32ZX4g:c-H4PKvziZc:CSW92BIlIMw&sa=N&ct=rd&cs_p=http://delmaa.com/upfile/users/arabHost.zip&cs_f=arabHost/function.php
Code (lines 1-4):
> <?php
>
> include("includes/protaction.php");
> include("$adminfloder/config.php");
And the package contains no "includes/protaction.php" file (and
the ReadMe.html is in Arabic), so this issue does appear valid.
Sorry jericho, no disputes this time.
Bill "That's False Too!" Heinbockel
Infosec Engineer
The MITRE Corporation
202 Burlington Rd. MS S145
Bedford, MA 01730
heinbockel at mitre.org
781-271-2615
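Added illustration (not code from the arabHost package or from this thread): the quoted `include("$adminfloder/config.php")` builds an include path from a variable that, under register_globals, any request parameter can populate. The hardened form below resolves the request value against a fixed allow-list of local directories and checks the resolved path with `realpath()`. The directory names, the `adminfolder` key handling and the helper `resolve_admin_config()` are assumptions for the example.

```php
<?php
// Example only; not the arabHost code. Directory names are illustrative.

// Risky pattern (shown as a comment so it never runs): with register_globals
// on, $adminfolder is filled from the request, so the include path is
// attacker-chosen and, with allow_url_include, may even be a remote URL.
// include("$adminfolder/config.php");

// Hardened pattern: the request only selects a key; the path itself comes
// from a fixed table and is never assembled from raw input.
$allowed_admin_dirs = [
    'default' => __DIR__ . '/admin',
    'legacy'  => __DIR__ . '/admin_old',
];

function resolve_admin_config(array $allowed, string $key): string
{
    if (!array_key_exists($key, $allowed)) {
        throw new RuntimeException('unknown admin folder key');
    }
    $path = $allowed[$key] . '/config.php';

    // realpath() collapses "..", follows symlinks and returns false when the
    // file does not exist; the prefix check keeps the result inside the app root.
    $real = realpath($path);
    if ($real === false || strpos($real, __DIR__ . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('config not found inside application root');
    }
    return $real;
}

$key = isset($_GET['adminfolder']) ? (string) $_GET['adminfolder'] : 'default';
$config = resolve_admin_config($allowed_admin_dirs, $key);
include $config;
```

The code change matters more than the php.ini settings, but on a 2007-era host the two settings a reviewer would also check are `register_globals = Off` (so request parameters cannot seed `$adminfolder` at all) and `allow_url_include = Off` (so an include path can never resolve to a remote URL).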