This Perl script exploits a SQL injection vulnerability in MiniNuke v2.x to create an admin account by manipulating the user registration and profile update process. It automates the steps of registering a user, logging in, and elevating privileges via crafted HTTP requests.
Classification
Working Poc 95%
Target:
MiniNuke v2.x
No auth needed
Prerequisites:
Network access to the target MiniNuke installation · MiniNuke v2.x with vulnerable membership.asp and profile update endpoints