CVE-2018-9160

This exploit demonstrates an information leakage vulnerability in SickRage where clear-text credentials (e.g., GitHub, AniDB) are exposed in HTTP responses when no authentication is configured. The PoC fetches the credentials by parsing the HTML response from the `/config/general` endpoint.

This PoC exploits CVE-2018-9160, an information leakage vulnerability in SickRage where clear-text credentials (e.g., GitHub) are exposed in HTTP responses. The script fetches the `/config/general` endpoint and parses the HTML to extract credentials from input fields.

This Metasploit module exploits an information leak vulnerability in SickRage to extract saved GitHub and other service credentials from HTTP responses. It checks for authentication and parses HTML to retrieve credentials from configuration pages.