Full Disclosure mailing list archives

Re: PHP file vulnerable on SMF 1.1.10

From: Anastasios Monachos <anastasiosm () gmail com>
Date: Wed, 23 Sep 2009 13:55:30 +0300

When editing a file with vi or other editors it creates a temporary version
of the original appending next the filename a tilde (~), looks to me that's
the case.

2009/9/23 bro <tweetycoaster () gmail com>

In Simple Machine Forum application version 1.1.10,
everybody can see some PHP files as like as index.php by any browsers
just added "~" symbol to end of filename.
examples:
http://vulnsite.com/path_of_SMF/index.php~<http://vulnsite.com/path_of_SMF/index.php%7E>
http://vulnsite.com/path_of_SMF/ssi_examples.php~<http://vulnsite.com/path_of_SMF/ssi_examples.php%7E>
http://vulnsite.com/path_of_SMF/SSI.php~<http://vulnsite.com/path_of_SMF/SSI.php%7E>


--
I will never let you go ...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




-- 
AM
Key ID: 0x5EB17EE7

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

PHP file vulnerable on SMF 1.1.10 bro (Sep 22)
- Re: PHP file vulnerable on SMF 1.1.10 Elonym (elone) (Sep 22)
- Re: PHP file vulnerable on SMF 1.1.10 » Ruben Alves (Sep 23)
- Re: PHP file vulnerable on SMF 1.1.10 Anastasios Monachos (Sep 23)
  - Re: PHP file vulnerable on SMF 1.1.10 » Ruben Alves (Sep 23)