`============================================================================================================================================= | # Title : Bakery Shop Management System 1.0 CSRF Vulnerability | | # Author : indoushka | | # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits) | | # Vendor : https://www.sourcecodester.com/sites/default/files/download/oretnom23/bsms_0.zip | ============================================================================================================================================= poc : [+] Dorking İn Google Or Other Search Enggine. [+] This HTML code : represents a simple user form that collects data for a user (like a username, password, and user type) and submits it to a server using AJAX. Let me break down the key components of this code: [+] HTML Structure Container & Form:

: This div serves as a container for the form and ensures that it will take up the full width of its parent container.

: This form collects user data. The action attribute is empty, meaning the form doesn't submit in the traditional way (it's handled via JavaScript instead). Hidden Input: : This hidden input is used to store the user ID. It might be used for editing an existing user where the user ID is sent back to the server but isn't visible to the user. [+] Form Fields: Full Name: Username This field is actually mislabeled—the label says "Username," but the input is for the user's full name. The input field is styled using Bootstrap classes. Username: Password [+] Similarly, this field is labeled as "Password," but the input is meant for the username. The input type should be password instead of text for security reasons. [+] User Type: Type This dropdown allows the user to select their type—either "Administrator" or "Cashier." The selected value (1 or 0) is sent to the server. [+] Submit Button: : This button submits the form. It's styled as a primary button using Bootstrap. [+] JavaScript (jQuery) Form Submission Handling: $(function(){ ... }): This is a jQuery shorthand for $(document).ready(), meaning the function runs after the DOM is fully loaded. $('#user-form').submit(function(e){ ... }): This function handles the form submission. The default form submission behavior is prevented (e.preventDefault()), meaning the form doesn't reload the page. Message Handling: $('.pop_msg').remove();: This removes any previous pop-up messages before submitting the form. _el.addClass('pop_msg'): Creates a new element for displaying messages (e.g., success or error messages). AJAX Request: $.ajax({ ... }): Sends the form data to the server without reloading the page. URL: The form is submitted to http://127.0.0.1/bsms/Actions.php?a=save_user. Method: The data is sent using the POST method. Data: The form data is serialized (_this.serialize()) and sent as JSON. Error Handling: If an error occurs, the script logs it to the console and displays an error message (which currently says "Yes Mother fucker !" —this is an inappropriate message and should be corrected to something like "An error occurred."). Success Handling: If the submission is successful, the form is reset, a success message is shown, and the page may reload after a short delay. If the submission fails, the error message from the server response is displayed. [+] Line 36 : Set your target url [+] save payload as poc.html [+] payload :

Username

Password

Type

Greetings to :============================================================ jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr | ========================================================================== `