[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Vulnerabilities in WordPress Attack Scanner for WordPress

To: MustLive <mustlive@xxxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Vulnerabilities in WordPress Attack Scanner for WordPress
From: Henri Salo <henri@xxxxxxx>
Date: Thu, 31 Jan 2013 02:06:44 +0200

On Wed, Jan 30, 2013 at 08:31:57PM +0200, MustLive wrote:
> Information Leakage (WASC-13):
> 
> http://site/wp-content/plugins/path/data.txt
> http://site/wp-content/plugins/path/archive.txt
> 
> Folder "path" can be WP-Attack-Scanner or WP-Attack-Scanner-Free.
> 
> Unrestricted access to the data - they can be accessed in the browser 
> without authorization. Even the data is encrypted, but by default the 
> password is "changepassword". If the password was not changed, then the data 
> is easily decrypting. If it was changed, then the password can be picked up.

What data is stored to those files?

--
Henri Salo

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Vulnerabilities in WordPress Attack Scanner for WordPress
  - From: MustLive

Prev by Date: [Full-disclosure] Vulnerabilities in WordPress Attack Scanner for WordPress
Next by Date: [Full-disclosure] Belkin WeMo Remote Shell and State Change 0day Exploit
Previous by thread: [Full-disclosure] Vulnerabilities in WordPress Attack Scanner for WordPress
Next by thread: [Full-disclosure] Belkin WeMo Remote Shell and State Change 0day Exploit
Index(es):
- Date
- Thread