鬼仔's Blog

来源：Neeao's Blog

—————————————————————–
| PHPWind 5.x Exploits |
| |
| Powered by HamFast V1.12 20070101 |
| |

\—————————————————————/

ATTANTION: Only do this bug test on your board!
Don't attack any other site!

—————————————————————–
BUGS:
Here is a very dangerous bug for PHPWind 5.x!!!! You can change
any user's password or register as a new user.

Ofcouse, you can change the admin's password, then the board will
be under control.

Maybe 80% of PHPWind boards have this bug.

This tools can exploit PHPWind 5.0.1 AND PHPWind 5.3.
—————————————————————-

Board Search:
—————————————————————-
http://www.baidu.com/s?tn=baidu&wd=powered+by+PHPWind+v5.0&ct=0
http://www.google.com/search?newwindow=1&q=powered+by+phpwind+v5.0

[/quote]
GUI版：

GUI版下载地址： 点击下载

压缩包里三个文件：
boardlist.txt 作者还列出来的N多用了phpwind论坛的网站
pw5expgui.exe 主程序
readme.txt 说明

命令行版：

C:\Documents and Settings\Administrator\桌面\pw5expcmd>pw5expcmd.exe

—————————————————————–
| PHPWind 5.x Exploits |
| |
| Powered by HamFast V1.12 20070101 |
| |
\—————————————————————/

Useage:
[1] pw5expcmd.exe url // Just test the [url] have bugs or
not
[2] pw5expcmd.exe url username // Register a user or change user w
ith password '123456'
[3] pw5expcmd.exe url username password // Register a user or change user w
ith custom password

!!! Don't attack phpwind.net or localhost, maybe your computer will poweroff !!!

命令行版下载地址： 点击下载