+- Indonesian Back|Track Team (https://www.indonesianbacktrack.or.id/forum)
+-- Forum: Attacker Zone (https://www.indonesianbacktrack.or.id/forum/forum-169.html)
+--- Forum: Web Attack (https://www.indonesianbacktrack.or.id/forum/forum-181.html)
+--- Thread: Share Multiple Vulnerability xEpan 1.0.4 (/thread-6119.html)
Multiple Vulnerability xEpan 1.0.4 - abdilahrf - 11-27-2014
# Exploit Title: Multiple Vulnerability xEpan 1.0.4
# Google Dork: not yet
# Date: 2014-11-27
# Exploit Author: Parikesit , Kurawa In Disorder
# Vendor Homepage: http://xepan.org
# Software Link: http://www.xepan.org/index.php?subpage=download
# Version: 1.0.4
# Tested on: Windows 7 Ultimate
# Vulnerability Type: File Upload
# Risk Level: High
# Solution Status: Not Fixed
# Discovered and Provided: Kurawa In Disorder ( http://kurawa.indonesianbacktrack.or.id ) , Indonesian Backtrack Team ( http://indonesianbacktrack.or.id )
-----------------------------------------------------------------------------------------------
Advisory Details:
xEpan have elfinder which can exploited to upload a backdoor
1.) vulnerable page : http://target/elfinder/elfinder.html
Just upload your php backdoor
and acess there http://target/elfinder/files/<backdoor_name>
2.) leak database information : http://target/install.sql
after installation the script not remove the .sql file it's can be danger
3.) important file , like ftp password stored in a public file : http://target/ftpsync.settings
very danger , how to prevent just use a private privilages or delete the file
4.) weak password used : http://target/index.php?page=owner_dashboard
admin:admin ... :o
-----------------------------------------------------------------------------------------------
http://www.hasnydes.us/2014/11/multiple-vulnerability-xepan-1-0-4/
http://1337day.com/exploit/22965
http://www.exploit-db.com/exploits/35396/
RE: Multiple Vulnerability xEpan 1.0.4 - Kresna - 11-28-2014
(11-27-2014, 07:10 PM)abdilahrf Wrote: # Exploit Title: Multiple Vulnerability xEpan 1.0.4
# Google Dork: not yet
# Date: 2014-11-27
# Exploit Author: Parikesit , Kurawa In Disorder
# Vendor Homepage: http://xepan.org
# Software Link: http://www.xepan.org/index.php?subpage=download
# Version: 1.0.4
# Tested on: Windows 7 Ultimate
# Vulnerability Type: File Upload
# Risk Level: High
# Solution Status: Not Fixed
# Discovered and Provided: Kurawa In Disorder ( http://kurawa.indonesianbacktrack.or.id ) , Indonesian Backtrack Team ( http://indonesianbacktrack.or.id )
-----------------------------------------------------------------------------------------------
Advisory Details:
xEpan have elfinder which can exploited to upload a backdoor
1.) vulnerable page : http://target/elfinder/elfinder.html
Just upload your php backdoor
and acess there http://target/elfinder/files/<backdoor_name>
2.) leak database information : http://target/install.sql
after installation the script not remove the .sql file it's can be danger
3.) important file , like ftp password stored in a public file : http://target/ftpsync.settings
very danger , how to prevent just use a private privilages or delete the file
4.) weak password used : http://target/index.php?page=owner_dashboard
admin:admin ... :o
-----------------------------------------------------------------------------------------------
http://www.hasnydes.us/2014/11/multiple-vulnerability-xepan-1-0-4/
weh mantep nih, ada exploit baru
RE: Multiple Vulnerability xEpan 1.0.4 - x_code - 11-30-2014
dork : allinurl:/elfinder/elfinder
ntu dork abal2 ...ahahaahahah
RE: Multiple Vulnerability xEpan 1.0.4 - abdilahrf - 12-04-2014
Published
http://1337day.com/exploit/22965
http://www.exploit-db.com/exploits/35396/
RE: Multiple Vulnerability xEpan 1.0.4 - cyberking - 12-04-2014
nice
)dork:
inurl:elfinder.html
inurl:/elfinder/elfinder.html+intitle:"elFinder 2.0"
inurl:ckeditor/elfinder/elfinder.html
inurl:ckeditor/elfinder/elfinder.html+intitle:"elFinder"
dll, kembangin aja
)