GHDB
GHDB
|
Google Search: intitle:”MRTG/RRD” 1.1* (inurl:mrtg.cgi | inurl:14all.cgi |traffic.cgi)
murfie rates this entry 4 out of 10. Submitted: 2004-09-24 00:00:00 Added by: murfie Hits: 1867 Score: 4 The remote user can reportedly view the first string of any file on the system where script installed. This is a very old bug, but some sites never upgraded their MRTG installations.http://www.securitytracker.com/alerts/2002/Feb/1003426.htmlAn attacker will find it difficult to exploit this in any usefull way, but it does expose one line of text from a file, for example (using the file /etc/passwd) shows this:ERROR: CFG Error Unknown Option “root:x:0:1:super-user:/” on line 2 or above. Comments: |
Does GHDB still updates for now?
The GHDB is alive and well, updated through the ExploitDB: http://www.exploit-db.com/google-dorks.
Hi Johnny,been a while since I’ve came last. Aren’t you gonna update this website anymore???
The GHDB is not updated and lives with the exploitdb: http://http://www.exploit-db.com. Please check out the awesome folks at Offensive Security as well: http://www.offensive-security.com!
Is any offline view-able resources is available of this product ?