Ukrainian Sites Url Poisoning

2018.07.07

Mr-0mba404 (RS)

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: site:ua "cfg contactform"

########################
# Exploit Title : UA SITES URL POISONING
# Exploit Author : ./Mr-0mba404
# Dorks :
# site:ua "j images jdownloads screenshots version php j"
# site:ua "wp content uploads gravity forms index php option com jdownloads"
# site:ua "plugins editors jce tiny mce plugins cfg contactform"
# site:ua "cfg contactform"
# Contact: https://goo.gl/WfYeuy
# Date: 7/6/2018
#########################
Proof od Concept:
Search dorks in Google,Choose a site from there
and delete everything except the domain
and just add for example "www.target.ua/Hacked"
##########################
Demo : https://wheelhunter.com.ua/Hacked-By-YourName
http://vkolese.com.ua/Hacked-By-YourName
http://colesa.com.ua/Hacked_By_Omba
http://expertshin.com.ua/Hacked_By_Omba

References:

https://whatis.techtarget.com/definition/URL-poisoning-location-poisoning

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Ukrainian Sites Url Poisoning

Dork: site:ua "cfg contactform"

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.