VHCS (version <= 2.4.7.1) PoC.  By RoMaNSoFt <roman@rs-labs.com>  [08.Feb.2006]

   
  Target URL
  Username  (should NOT exist)
  Exploit it!
 


Quick instructions.-

1.- Enable JavaScript. Fill in the form with appropiate target URL (usually you will only need to replace <target> string) and username.
2.- Remember not to use a probably existing username (such as "admin").
3.- Launch the exploit. If target system is vulnerable, a new VHCS admin user will be created ;-)
4.- You will be redirected to VHCS login page. Try to login with your brand new username.
5.- Ummm, I forgot it... The password is: dsrrocks.

More info (analysis, fix, etc).-

See RS-2006-1.