====================================================================================== Exploit Title : BRIGHTBRIX® Web Producer - Extending the Internet Add Admin Vulnerability Author : Zaenal Arifin Exploit Date : September 06, 2018 Software : https://www.brightbrix.com/ Vendor : https://www.brightbrix.com/ Version : - Home : www.bandungdigitalsecurity.org Tested on : Windows 7/10 64x - BackBox Linux 5.0 64x Exploit Risk : Medium ====================================================================================== Proof of Concept : Search in google browser or another browser and use the dork : Dashboard for BRIGHTBRIX® Web Producer - Extending the Internet and us ur brain to develop this dork. and Use Exploit : /user_admin/login_page.php?return_url=%2Fxampp%2Flang.php%3Fen If vuln then you will find a form to create a new account and fill in the active e-mail, and check your e-mail for activation of the code and creat ur password, if it is then it will go directly to the dashboard page. Proof : > https://image.ibb.co/jCa2je/Pwnd.png Demo : https://www.brightbrix.com/user_admin/login_page.php?return_url=%2Fxampp%2Flang.php%3Fen =========================================== Contact Me : https://www.facebook.com/darkvenom.gov zaenalarifin.net@gmail.com =========================================== ====================================================================================== Special Thanks to : Familly Team_CC | AnonGhost | MilWorm | TeaMp0is0N | Fallaga Team ======================================================================================