Joomla Component com_jmsfileseller Local File Inclusion Vulnerability

Please download the original advisory/exploit here. The Joomla component com_jmsfileseller suffers from a Local File Inclusion vulnerability. URL: index.php?option=com_jmsfileseller&view=<LFI value>&cat_id=1&Itemid=27 Vulnerable parameter: view Example: index.php?option=com_jmsfileseller&view=../../../etc/passwd%00&cat_id=12&Itemid=27... Read More
lfi_scanner

Simple Local File Inclusion Vulnerability Scanner version 1.0 released

Today I am releasing my Simple Local File Inclusion Vulnerability Scanner 1.0 (29th December 2010). [Download] Description The Simple Local File Inclusion Vulnerability Scanner helps you to find LFI vulnerabilities. Usage ./lfi_scanner.py –url= Usage example ./lfi_scanner.py –url=”http://www.example.com/page.php?file=main” Usage notes - Always use http://…. - This tool does not work with SEO URLs, such as http://www.example.com/news-about-the-internet/. […]... Read More

The Joomla Hacking Compendium

Download The Joomla Hacking Compendium here. With great pleasure I hereby announce the availability of the new “The Joomla Hacking Compendium”. It contains almost 1000 lines of pure knowledge and shows you the way to hack and protect Joomla. It contains the following chapters: Please find an excerpt below:... Read More

Little XSS Cheat Sheet added

Since my favorite XSS cheat sheet is down, I decided to compose an own cheat sheet which is a collection of a few sources and based on my personal experience. It is nothing special and does not include the features of other cheat sheets (e.g. browser compatibility, hex conversion etc.), but it is not ment […]... Read More

Simple Local File Inclusion Exploiter version 1.1 released

I just uploaded a new version of the Simple Local File Inclusion Exploiter, version 1.1. It was updated with some new user agents, “interesting files” and now creates a small log file. Just visit the “My Tools” section for the download link.... Read More
lfi_sploiter-1_0-screenshot

Simple Local File Inclusion Exploiter version 1.0 released

Today I am releasing my Simple Local File Inclusion Exploiter 1.0 (21th November 2010). [Download] Description The Simple Local File Inclusion Exploiter helps you to exploit LFI vulnerabilities. After you found one, simply pass the URL of the affected website and the vulnerable parameter to this tool. You can also use this tool to scan […]... Read More

New security tool to be released soon

I am currently working on a very exciting tool which is related to local file inclusion vulnerabilities. Basically it is some kind of automated LFI exploiter with many features, such as a LFI scanner and – as I call it – an “interesting file dumper”. Currently, the tool is still beta (version 0.8). I guess […]... Read More

South Korean UTW CMS Multiple Vulnerabilities

Please view the original advisory/exploit here. The South Korean Community/Website/Content Management System UTW suffers from various vulnerabilities. Local File Inclusion Script: utw_lib/get_file.php Parameters: file, rfile Example: utw_lib/get_file.php?rfile=<local path>&file=<local file name> The script get_file.php is vulnerable to local file inclusion attacks. Arbitrary files can be viewed by combining the values for the rfile and file parameters. […]... Read More

OneOrZero AIMS v2.6.0 Members Edition Multiple Vulnerabilities

Please view the original advisory/exploit here. The web app OneOrZero AIMS Members Edition suffers from multiple remote vulnerabilities. SQL Injection Multiple scripts and parameters are affected by remote SQL injection vulnerabilities. You can also manipulate SQL queries with the help of various search fields of this web app. Some example URLs: index.php?controller=app_oneorzerohelpdesk_main&subcontroller=search_management_manage&option=saved_search&global=1&id=[SQL Injection] index.php?controller=app_oneorzerohelpdesk_main&subcontroller=search_management_manage&option=show_item_search&item_types=[SQL Injection] […]... Read More