###
### CodeIgniter v1.0 Remote File Inclusion Vulnerability
###
###########################################################
###
### * @package CodeIgniter
### * @Version 1.0
### * @license http://codeigniter.com/user_guide/license.html
### * @link http://codeigniter.com
###
###########################################################
###
### Type : Remote File Inclusion Vulnerability
### Author: eidelweiss
### Date : 2010-02-13
### Location: Indonesia ( http://yogyacarderlink.web.id )
### Contact: g1xsystem [at] windowslive [dot] com
### Greetz : AL-MARHUM - YOGYACARDERLINK TEAM - (D)eal (C)yber
###
###########################################################
POC:
require_once(BASEPATH.'database/DB_driver'.EXT);
if ( ! isset($active_record) OR $active_record == TRUE)
{
require_once(BASEPATH.'database/DB_active_rec'.EXT);
if ( ! class_exists('CI_DB'))
{
eval('class CI_DB extends CI_DB_active_record { }');
}
}
else
{
if ( ! class_exists('CI_DB'))
{
eval('class CI_DB extends CI_DB_driver { }');
}
}
require_once(BASEPATH.'database/drivers/'.$params['dbdriver'].'/'.$params['dbdriver'].'_driver'.EXT);
// Instantiate the DB adapter
$driver = 'CI_DB_'.$params['dbdriver'].'_driver';
$DB =& instantiate_class(new $driver($params));
if ($DB->autoinit == TRUE)
{
$DB->initialize();
}
return $DB;
}
Download source Code
###########################################################
###
### CodeIgniter v1.0 Remote File Inclusion Vulnerability
###
###########################################################
###
### * @package CodeIgniter
### * @Version 1.0
### * @license http://codeigniter.com/user_guide/license.html
### * @link http://codeigniter.com
###
###########################################################
###
### Type : Remote File Inclusion Vulnerability
### Author: eidelweiss
### Date : 2010-02-13
### Location: Indonesia ( http://yogyacarderlink.web.id )
### Contact: g1xsystem [at] windowslive [dot] com
### Greetz : AL-MARHUM - YOGYACARDERLINK TEAM - (D)eal (C)yber
###
###########################################################
POC:
require_once(BASEPATH.'database/DB_driver'.EXT);
if ( ! isset($active_record) OR $active_record == TRUE)
{
require_once(BASEPATH.'database/DB_active_rec'.EXT);
if ( ! class_exists('CI_DB'))
{
eval('class CI_DB extends CI_DB_active_record { }');
}
}
else
{
if ( ! class_exists('CI_DB'))
{
eval('class CI_DB extends CI_DB_driver { }');
}
}
require_once(BASEPATH.'database/drivers/'.$params['dbdriver'].'/'.$params['dbdriver'].'_driver'.EXT);
// Instantiate the DB adapter
$driver = 'CI_DB_'.$params['dbdriver'].'_driver';
$DB =& instantiate_class(new $driver($params));
if ($DB->autoinit == TRUE)
{
$DB->initialize();
}
return $DB;
}
For full Contents check it here :
http://www.hack0wn.com/view.php?xroot=487.0&cat=exploits
GOOD LUCK & ENJOY
0 comments:
Post a Comment
Note: Only a member of this blog may post a comment.