Cacti SQL Injection exploit using bisecting.

Here is an exploit for an old cacti < 1.8.7b bug.

http://ben.timby.com/pub/cacti-1.8.7-sploit.tar.gz

It will retrieve for you the list of users and their md5 summed passwords. I based this on the information below and I know it works ;-).

http://www.securityfocus.com/archive/1/archive/1/488018/100/0/threaded

About this entry

Title: Cacti SQL Injection exploit using bisecting.

Published:: 12.02.09

Category:: programming, security, web

No comments

Jump to comment form | comments rss [?] | trackback uri [?]

Have your say

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

twodoteau

Cacti SQL Injection exploit using bisecting.

About this entry

No comments

Have your say

Pages

Recent Five

Categories