GHDB « Hackers For Charity

GHDB

GHDB

Google Search: inurl:”calendarscript/users.txt”

jeffball55 CP rates this entry 9 out of 10.
Submitted: 2006-03-21 00:00:00
Added by: jeffball55 CP
Hits: 2125
Score: 9

CalenderScript is an overpriced online calender system written in perl. The passwords are encrypted using perl’s crypt() function which I think DES encrypts things. However if the computer the calender script is on doesn’t support the crypt function the are plaintext. Changing calender dates might not sound useful but people reuse passwords so who knows? Also search for the logins:intitle:”Calendar Administration : Login” | inurl:”calendar/admin/index.asp” -demo -demos Then to get the passwords change the url fromwxw.calendersiteexample.com/thissite/calendar_admin.cgitowxw.calendersiteexample.com/thissite/calendarscript/users.txt The defaults are anonymous/anonymous and Administrator/Administrator.

Comments:


5 Responses to “GHDB”

  1. Jack says:
    October 26, 2011 at 9:12 pm

    Does GHDB still updates for now?

  2. Johnny says:
    October 27, 2011 at 3:31 am

    The GHDB is alive and well, updated through the ExploitDB: http://www.exploit-db.com/google-dorks.

  3. The Artist says:
    April 20, 2013 at 7:10 am

    Hi Johnny,been a while since I’ve came last. Aren’t you gonna update this website anymore???

  4. Johnny says:
    April 27, 2013 at 5:10 am

    The GHDB is not updated and lives with the exploitdb: http://http://www.exploit-db.com. Please check out the awesome folks at Offensive Security as well: http://www.offensive-security.com!

  5. Velmurugan says:
    May 7, 2013 at 7:38 am

    Is any offline view-able resources is available of this product ?

Leave a Reply