GHDB « Hackers For Charity

GHDB

GHDB

Google Search: intext:”Powered By: Snitz Forums 2000 Version 3.4.00..03″

ghooli rates this entry 10 out of 10.
Submitted: 2005-06-21 00:00:00
Added by: ghooli
Hits: 3598
Score: 10

snitz Forum 2000 v 3.4.03 and older is vulnerable to many things including XSS. See http://www.gulftech.org/?node=research&article_id=00012-06162003. This is a sketchy search, finding vulnerable versions 3.4.00-3.4.03. Older versions are vulnerable as well.

Comments:

2005-07-06 13:01:43 (komenggg): Description:
Snitz Forums is a full-featured UBB-style ASP discussion board application. New features in version 3.3: Complete Topic/Post Moderation, Topic Archiving, Subscribe to Board / Category / Forum / Topic, Improved unsubscribe, Short(er) urls, Category and Forum ordering, and Improved Members-page. And like always, upgrading of the database is done for you by the setupscript

Search XSS Vulnerability:
Snitz search feature is vulnerable to XSS which can aide an attacker in stealing cookies, and thus compromising the account, as described below

search.asp?Search=”>alert(document.cookie)

Cookie Authentication Bypass Vulnerability:
In order to steal another users identity, all an attacker needs to know is thier encrypted password. This is not very hard to obtain using the XSS as described above, or other methods. Once an attacker has this info, all they have to do is login to thier normal account to get a valid session id, close the browser, replace thier username and encrypted pass with that of the victim, and return to the site where they will be recognized as the victim.

Password Reset Vulnerability:
This is the most serious of the vulns, as it requries no real effort and leaves the entire snitz forum open to attack. All an attacker has to do is request a forgotten password, save the password reset page offline,edit the member id to the desired member id, and submit the form. The members password will then be reset to that of the attackers choosing.


2006-05-10 07:16:10 (qurck): google have stopped this one. when i tired it said it looked like a spyware or a virus automated serch


5 Responses to “GHDB”

  1. Jack says:
    October 26, 2011 at 9:12 pm

    Does GHDB still updates for now?

  2. Johnny says:
    October 27, 2011 at 3:31 am

    The GHDB is alive and well, updated through the ExploitDB: http://www.exploit-db.com/google-dorks.

  3. The Artist says:
    April 20, 2013 at 7:10 am

    Hi Johnny,been a while since I’ve came last. Aren’t you gonna update this website anymore???

  4. Johnny says:
    April 27, 2013 at 5:10 am

    The GHDB is not updated and lives with the exploitdb: http://http://www.exploit-db.com. Please check out the awesome folks at Offensive Security as well: http://www.offensive-security.com!

  5. Velmurugan says:
    May 7, 2013 at 7:38 am

    Is any offline view-able resources is available of this product ?

Leave a Reply