Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

blogtorrent092.txt

🗓️ 12 Jul 2005 00:00:00Reported by pjphemType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 18 Views

BlogTorrent 0.92 <= Remote/Local User Password Disclosur

Code
`noglobal ~ security http://noglobal.secnet.org/  
__ ___ ______  
| |/ _ \ / _____\_  
| / | || ||_ _|  
|___|__| || |__) | _ _ _ _ _ ______  
|_______| |_\______/_|_|_|_|_|_|_____/ You think you know? but you have   
no idea..  
|___| | \______  
\________/  
  
Security Advisory 2005-0x00  
  
Software: BlogTorrent 0.92 <=  
Vendor: http://www.blogtorrent.com/  
Author: LazyCrs && pjphem  
Date: 10/07/2005  
Type: Remote/Local User Password Disclosure  
  
#0x01 - Description BlogTorrent  
  
BlogTorrent is software that makes it much easier to share and download   
large file  
useing the bittorrent protocol. That blog is easy to install, it don't   
require  
MySQL, Blog Torrent is easy for users: even if they don't know what   
bitorrent is,  
they get an installer that downloads the file they want,  
blogtorrent makes publishing with bittorrent painless.  
  
#0x02 - Bug  
  
BlogTorrent puts precious information as user and password, This and' caused  
because' the data related to the admin acount are saved in a text file,  
it can visible with browser.  
  
#0x03 - POC  
  
http://test/path_of_blog/data/newusers  
=  
d40:14ae696abdca1688dd577fe486c3981f331457b0d7:Createdi1120957648e5:Email17:email@email4:Hash40:d7b82821fe725305bded2fab9e91ed1e0e6fd93bee  
  
Username (crypt in md5) -> 14ae696abdca1688dd577fe486c3981f331457b0d7  
Password (crypt in md5) -> d7b82821fe725305bded2fab9e91ed1e0e6fd93bee  
  
#0x04 - Solution  
  
The solution is set the permissions on 'data/' 'torrents/' type:  
chmod 700 data/ ; chmod 700 torrents/  
  
#LazyCrs[AT]GMail[DOT]com - pjphem[AT]mybox[DOT]it  
#FREE RAFA! FREE RAFA! FREE RAFA!  
  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
12 Jul 2005 00:00Current
7.4High risk
Vulners AI Score7.4
blogtorrentremote/localuser password disclosuresecurity advisorylazycrspjphempocsolutionpermissions
18