Network Security: Detailed info on Re: Re: # MHG Security Team --- PHP NUKE All version Remote File Inc.

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Vuln-Dev

[Top] [All Lists]

Re: Re: # MHG Security Team --- PHP NUKE All version Remote File Inc.

from [nukedx] Network Security

[Permanent Link]

Subject:	Re: Re: # MHG Security Team --- PHP NUKE All version Remote File Inc.
Date:	2 Jun 2006 00:49:48 -0000

Yeah,its so weird. vulnerable code in pagestart.php at line 68.
http://victim/modules/Forums/admin/admin_styles.php?phpbb_root_path=2
Warning: main(2common.php): failed to open stream: No such file or directory in 
C:\Inetpub\vhosts\victim\httpdocs\modules\Forums\admin\pagestart.php on line 68
Just edited victim for security purposes.
in pagestart.php at lines 67-68:
...
include("../../../mainfile.php");
include($phpbb_root_path.'common.'.$phpEx);
...
So it includes mainfile.php and i think this is making vulnerability.
in mainfile.php at lines 54-56
...
if (!ini_get("register_globals")) { 
    import_request_variables('GPC'); 
}
...
I tried it on some servers.It didnt work but for some worked, and all this 
servers has register_globals off and magic_quotes_gpc on.
This is so weird problem..
Regards,
Mustafa Can Bjorn IPEKCI (nukedx a.k.a nuker)

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: # MHG Security Team --- PHP NUKE All version Remote File Inc., rgod Re: Re: # MHG Security Team --- PHP NUKE All version Remote File Inc., nukedx <= Re: Re: # MHG Security Team --- PHP NUKE All version Remote File Inc., Steven M. Christey

Previous by Date:	northstudio Cross Site Scripting Vulnerability, CrAzY . CrAcKeR
Next by Date:	Weblog Oggi v1.0, luny
Previous by Thread:	Re: # MHG Security Team --- PHP NUKE All version Remote File Inc., rgod
Next by Thread:	Re: Re: # MHG Security Team --- PHP NUKE All version Remote File Inc., Steven M. Christey
Indexes:	[Date] [Thread] [Top] [All Lists]