TeamHelpdesk Customer Web Service (CWS) 8.3.5 & Technician Web Access (TWA) 8.3.5 - Remote User Credential Dump

# Exploit Title: Team Helpdesk Customer Web Service (CWS) Remote User Credential Dump exploit
# Exploit Title: Team Helpdesk Technician Web Access (TWA) Remote User Credential Dump exploit
# Date: May 5, 2014
# Exploit Author: bhamb (ccb3b72@gmail.com)
# Vendor Homepage: http://www.assistmyteam.net/TeamHelpdesk/
# Software Link: http://www.assistmyteam.net/TeamHelpdesk/Download.asp
# Version: 8.3.5 (and probably prior)
# Tested on: Windows 2008 R2
# CVE : -

Recommendation:

Usage: ./user_cred_dump_cws.py https://Hostname.com

You will get a username:encrypted-password pairs.
To decrypt the encrypted passwords, please use my Password Decrypt script
(decrypt_cws.py) for Team Helpdesk CWS.




Usage: ./user_cred_dump_twa.py https://Hostname.com

You will get a username:encrypted-password pairs.
To decrypt the encrypted passwords, please use my Password Decrypt script
(decrypt_twa.py) for Team Helpdesk TWA.



Verifying exploits
https://www.youtube.com/watch?v=pJ1fGN3DIMU&feature=youtu.be



Exploit-DB Mirror: http://www.exploit-db.com/sploits/33195-Team_Helpdesk_Web.zip



//The information contained within this publication is


//supplied "as-is"with no warranties or guarantees of fitness


//of use or otherwise.Bot24, Inc nor Bradley Sean Susser accepts


//responsibility for any damage caused by the use or misuse of


//this information