TextPortal is a text-based PHP portal system with forum, voitig,
user
registration, etc. To use this portal system you need only php on the
web
server.
The default admin password is: admin. The administrators change this
always.
You can change the admin passord at admin-menu -> admin passwor menu item.
The
admin password is in admin_pass.php :
What is good2? Good 2 is also an administrator (editor). This user
hasn't
got full controll, but you can change many things:
- Voting
- Articles
- Downloads
- Links
- Gallery
- Forum
- Visitor's Book
- Statistics
The portal use the crypt php function to the passwords. So you can crack
this
password with any UNIX password cracker. The result: 3JVqJsoQ4Dph2:12345.
;)
The passwor is: 12345. Many people don't know this and they don't change
the
password.
Chenge the editor password: admin menu > admin password > change
editor
password. Or write the crypted password to the admin_pass.php after the
part:
"god2¤".
B$H
bsh (at) tar (dot) hu [email concealed]
www.tar.hu/bsh
Advisory ID: B$H-2003:001
Advisory URL: http://www.tar.hu/bsh/reports/bsh-2003-001.txt
Date: 2003.05.22.
Original Advisory Date: 2003.05.10.
Discovery date: 2003.05.10.
Type: Vulnerability / Exploit
Product: TextPortal
Affected versions: All (as of discovery date)
Fixed Version: None
Vendor notified: 2003.05.10.
Vendor response: 2003.05.16.
Product/vendor URL: http://www.textportal.hu/
Author: B$H
Author info: bsh (at) tar (dot) hu [email concealed] / http://www.tar.hu/bsh/
Greetz to : Sigterm, Dodge Viper, Geo, DVHC
------------------------------------------------------
Product description:
------------------------------------------------------
TextPortal is a text-based PHP portal system with forum, voitig,
user
registration, etc. To use this portal system you need only php on the
web
server.
------------------------------------------------------
Vulnerability:
------------------------------------------------------
The default admin password is: admin. The administrators change this
always.
You can change the admin passord at admin-menu -> admin passwor menu item.
The
admin password is in admin_pass.php :
<?php
god1¤t.gEaVtS1Uh86
god1-tmp¤d.9qw2fVYDNh2god2¤ijv.8ZKH0lW8s
god2¤3JVqJsoQ4Dph2
What is good2? Good 2 is also an administrator (editor). This user
hasn't
got full controll, but you can change many things:
- Voting
- Articles
- Downloads
- Links
- Gallery
- Forum
- Visitor's Book
- Statistics
The portal use the crypt php function to the passwords. So you can crack
this
password with any UNIX password cracker. The result: 3JVqJsoQ4Dph2:12345.
;)
The passwor is: 12345. Many people don't know this and they don't change
the
password.
------------------------------------------------------
Exsploit:
------------------------------------------------------
http://[target]/admin.php
Target 12345 and Enter. ;)
-----------------------------------------------------
Solution:
------------------------------------------------------
Chenge the editor password: admin menu > admin password > change
editor
password. Or write the crypted password to the admin_pass.php after the
part:
"god2¤".
B$H
bsh (at) tar (dot) hu [email concealed]
www.tar.hu/bsh
2003.05.22.
[ reply ]