Remote Admin Add CSRF Exploit

================================================================================================================ Open Upload 0.4.2 Remote Admin Add CSRF Exploit and Changing Normal user permission ================================================================================================================ # Exploit Title : Open Upload 0.4.2 Remote Admin Add CSRF Exploit # Exploit Author : Vinesh Redkar (@b0rn2pwn) # Email : vineshredkar89[at]gmail[d0t]com # Date: 21/07/2016 # Vendor Homepage: http://openupload.sourceforge.net/ # Software Link: https://sourceforge.net/projects/openupload/ # Version: 0.4.2 # Tested on: Windows 10 OS Open Upload Application is vulnerable to CSRF attack (No CSRF token in place) meaning that if an admin user can be tricked to visit a crafted URL created by attacker (via spear phishing/social engineering). Once exploited, the attacker can login as the admin using the username and the password he posted in the form. ======================CSRF POC (Adding New user with Admin Privileges)================================== CSRF PoC Code Remote Admin Add CSRF Exploit

Remote Admin Add CSRF Exploit by b0rn2pwn

======================CSRF POC (Changing privileges from normal user to administer)================================== Change privilege normal user to administer CSRF Exploit

Remote Admin Add CSRF Exploit by b0rn2pwn

Change privilege normal user to administer CSRF Exploit by b0rn2pwn