Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Modification For OpenSEF Remote file Inclusion

From: "Carsten Eilers" <ceilers-lists () gmx de>
Date: Thu, 24 Aug 2006 00:51:34 +0200
Hi,

Outlaw () aria-security net schrieb am Sat, 19 Aug 2006 01:18:24 +0000:


#Software: OpenSEF

#Attack method: Remote File Inclusion

#Description : OpenSEF is a Joomla component that extends the built-in
SEF (Search Engine Friendly) 


Is this <http://www.open-sef.org/>?
Which version did you test?
                                                                                          


#Proof of Concept:                                                                       

#http://www.site.com/sef.php?mosConfig_absolute_path=SHELL


In the actual Version (2.0.0-RC5_SP2) you could see

/** Ensure this file is being included by a parent file */
defined( '_VALID_MOS' ) or die( 'Direct access to this location is not
allowed.' );

at the top of the file, so it's impossible to call it
directly and manipulate any variable.

Regards
  Carsten


-- 
Dipl.-Inform. Carsten Eilers
IT-Sicherheit und Datenschutz

<http://www.ceilers-it.de>
Previous By Date Next
Previous By Thread Next

Current thread: