Python代码 各位大大自己分析写其他版吧
常来http://www.80sec.com

# -*- coding: gb2312 -*-
import urllib2,httplib,sys
httplib.HTTPConnection.debuglevel = 1
cookies = urllib2.HTTPCookieProcessor()
opener = urllib2.build_op

[阅读全文]

漏洞发布：http://www.80sec.com/

漏洞作者：jianxin@80sec.com

漏洞厂商： http://www.phpwind.com/  本漏洞影响phpwind所有版本

漏洞危害：高

漏洞说明：phpwind是国内使用非常广泛的一款程序，由于在程序设计上存在错误，导致任何人可以取得前台管理员及斑主权限，做删除帖子等任意操作

利用方式：http://www.80sec.co

[阅读全文]

[阅读全文]

| PHPWind 5.x Exploits |
| |
| Powered by HamFast V1.12 20070101 |
| |
---------------------------------------------------------------/

ATTANTION: Only do this bug test on your board!//仅仅用来测试你的论坛安全！
Don't attack any other site!//不要用于攻击其他网站

-----------------------------------------------------------------
BUGS:
Here is a very dangerous bug for PHPWind 5.x!!!! You can change
any user's password or register as a new user.

Ofcouse, you can change the admin's password, then the board will
be under control.

Maybe 80% of PHPWind boards have this bug.

This tools can exploit PHPWind 5.0.1 AND PHPWind 5.3.
----------------------------------------------------------------

Board Search:
----------------------------------------------------------------
http://www.baidu.com/s?tn=baidu& ... PWind+v5.0&ct=0
http://www.google.com/search?new ... red+by+phpwind+v5.0



下载地址：http://bbs.hackbase.com/viewthread.php?tid=3106742&page=1#pid4620831