======================================================================================== | # Title : Joomla.Tutorials GHDB: Apache directory listing Download Vulnerability | | # Author : indoushka | | # email : indoushka@hotmail.com | | # Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860) | | # Web Site : www.iq-ty.com | | # Published: | | # Script : Joomla com_intuit | | # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu) | | # Bug : GHDB | ====================== Exploit By indoushka ================================= | # Exploit : | | Vulnerability description: | The description for this alert is contributed by the GHDB community, it may contain inappropriate language. | | Category : Files containing juicy info | | This is a very basic string found on directory listing pages which show the version of the Apache web server. | Hackers can use this information to find vulnerable targets without querying the servers. | The Google Hacking Database (GHDB) appears courtesy of the Google Hacking community. | Affected items: | /com_intuit | /com_intuit (GET C=D;O=A) | /com_intuit (GET C=D;O=D) | /com_intuit (GET C=M;O=A) | /com_intuit (GET C=M;O=D) | /com_intuit (GET C=N;O=A) | /com_intuit (GET C=N;O=D) | /com_intuit (GET C=S;O=A) | /com_intuit (GET C=S;O=D) | The impact of this vulnerability: | Not available. | How to fix this vulnerability: | Not available. ================================ Dz-Ghost Team ======================================== Greetz : all my friend * Dos-Dz * Snakespc * His0k4 * Hussin-X * Str0ke * Saoucha * Star08 | Rafik (Tinjah.com) * Yashar (sc0rpion.ir) * Silitoad * redda * mourad (dgsn.dz) * -------------------------------------------------------------------------------------------