
PTT.yu Guestbook Vulnerability



===========================
PTT.yu Guestbook Vulnerability
===========================
Discovered by: us3rg0d
Mail: us3r_g0d@yahoo.com 
Site: www.us3rg0d.tk 
www.cformatkrew.tk 

greetz: m3t4b0l1c, Fu3g0, DELTA, Phantom, NeshYu,
skull_boy, Orwell, MetalBOY, [YesPeace], Intruder,
Loading_3rr0r, DrNoise
fuckz: PC_TEROR (virus-x, erol-s)
===========================
All PTT.yu users who have FTP access have a guestbook.
Here is the simple URL that all PTT.yu users use:
-------------------------------------
http://www.ptt.yu/korisnici/[1st LETTER OF USERNAME]/[2nd LETTER OF USERNAME]/[COMPLETE USERNAME]/guestbook.htm(l)
-------------------------------------

The vulnerable source code of upis.htm (which is used to
sign the guestbook) looks like this:

-------------------------------------
<form action=http://www.ptt.yu/cgi-bin/guestbook.cgi method=post name=pad target=frame>
-------------------------------------

This means that all guestbooks use guestbook.cgi to post messages.
If you open guestbook.cgi and view the source code, you will see
that the script has no flood protection, so you can flood it as soon
as you find out how it works.

So, to sign the guestbook of some user, you just need to use:
-------------------------------------
http://www.ptt.yu/cgi-bin/guestbook.cgi?[USERNAME]
-------------------------------------

Using this kind of flood attack results in a buffer overflow.
So make a simple program that fills this field, or use one of the 3
exploits that I made in Visual Basic. You can download them from:

http://us3rg0d.50webs.com/pttgdos.rar
http://us3rg0d.50webs.com/massptt.zip
http://us3rg0d.50webs.com/pttfl00d.zip
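
The flood protection the advisory says guestbook.cgi lacks could look like the following check, run before an entry is stored. This is an added example, not code from the advisory or from PTT.yu; the field names, size caps, limits, window length and sample addresses are assumptions.

```python
import time
from collections import defaultdict, deque

WINDOW_SECONDS = 60.0                          # assumed policy
LIMITS = {"client": 3, "guestbook": 20}        # assumed: accepted posts per window
MAX_FIELD_LEN = {"name": 64, "message": 2000}  # assumed field names and caps

class GuestbookGate:
    """Accept/reject decision to run before an entry is written."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._recent = defaultdict(deque)  # scope key -> accepted timestamps

    def check(self, client_ip, guestbook, fields):
        """Return (accepted, reason) for one submitted entry."""
        # Bound every field first so oversized input never reaches storage.
        for key, limit in MAX_FIELD_LEN.items():
            value = fields.get(key, "")
            if not value.strip():
                return False, f"missing {key}"
            if len(value) > limit:
                return False, f"{key} too long"
        now = self._clock()
        queues = {"client": self._recent[(client_ip, guestbook)],
                  "guestbook": self._recent[(guestbook,)]}
        for scope, stamps in queues.items():
            while stamps and now - stamps[0] >= WINDOW_SECONDS:
                stamps.popleft()           # forget posts outside the window
            if len(stamps) >= LIMITS[scope]:
                return False, f"rate limited ({scope})"
        for stamps in queues.values():
            stamps.append(now)             # count only accepted posts
        return True, "ok"

def replay(events):
    """Feed constructed (time, ip, guestbook, fields) events to a fresh gate."""
    now = [0.0]
    gate = GuestbookGate(clock=lambda: now[0])
    results = []
    for t, ip, book, fields in events:
        now[0] = t
        results.append(gate.check(ip, book, fields))
    return results

# Constructed sample: five posts in five seconds from one address, then one later.
ENTRY = {"name": "visitor", "message": "hello"}
SAMPLE = [(float(t), "192.0.2.10", "exampleuser", ENTRY) for t in (0, 1, 2, 3, 4, 70)]
```

The per-guestbook limit covers the case where posts arrive from many addresses at once, which the per-client limit alone would not stop.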
