attempting to inject a shell using a known security fault via the Ignition package generating an "oops" error (a simple POST request with no parameters to the website causes it) The keyword was “xCATZE” and we were able to find some movies on YT, where the tool can be seen in action.Ī bit more research later we could safely say that the tool is based on a python script, in many incarnations and versions, that targets Laravel systems specifically and uses several ways to attack the host by: We went into panic mode and tried to figure out wtf happened.Īs it turned out, the reason was really simple: our Laravel instance had the APP_DEBUG set to true: simply put, an "ooops" error will expose the env content.īut there is more to that: looking at the initial test email from the SMTP logs, we realized there’s got to be some tool out there that does this. The SMTP credentials have been extracted and used by some unknown entity to fill the victim’s spam boxes with fake Viagra ads*. Our story is simple: a sandbox account was compromised by what looked like a targeted attack. Not long ago, we were in the same situation.īut the human factor is to be taken into account. And you are worried that your Laravel app is insecure. If you are reading this, it may be because your SMTP credentials have been abused, raped and shot dead by the pesky hackers. LARAVEL SMTP CRACK | HOST: or how to have a nasty day
0 Comments
Leave a Reply. |