Source: http://www.sec-1.com/blog/?p=233

Splunk remote root exploit.
Author: Gary O'leary-Steele @ Sec-1 Ltd
Date:   5th September 2011
Release date: Private

Full Package: http://www.exploit-db.com/sploits/18245.zip

C:\git\splunk>python splunk_exploit.py -h
Usage: Run splunk_exploit.py -h to see usage options

Options:
--version          show program's version number and exit
-h, --help         show this help message and exit
-t TARGETHOST      IP Address or hostname of target splunk server
-c                 Generate CSRF URL only
-w SPLUNKWEB_PORT  The Splunk admin interface port (Default: 8000)
-d SPLUNKD_PORT    The Splunkd Web API port (Default: 8089)
-u USERFILE        File containing usernames for use in dictionary attack
-p PASSFILE        File containing passwords for use in dictionary attack
-U USERNAME        Admin username (if known)
-P PASSWORD        Admin pasword (if known)