[VIM] false: Tritanium Bulletin Board 2 version #2005-05-02-18-17-06 Remote File Inclusion Exploit

str0ke str0ke at milw0rm.com
Thu Feb 8 12:13:42 EST 2007

Piece of the exploit code:
die "\nCould Not connect\n";

First 3 lines of code.

> require_once('startup.php');

> $LANGUAGE_PATH = 'languages/'.$CONFIG['standard_language'];
> include($LANGUAGE_PATH.'/lng_main.php');

Seems there isn't a startup.php file in the update_tbb1 directory,
which in newer versions of php would just die right after the first

If you get passed the require line you could take over
$CONFIG['standard_language'].  Even local inclusion isn't possible
without a languages folder existing in the current directory.  So
pretty much the script isn't vulnerable to a remote/local inclusion


More information about the VIM mailing list