MyBB Forum 1.8.14 Vulnerability: Cross-Site Request Forgery (CSRF)
This post is about a vulnerability which I found in MyBB Forum; the POCs were created on the Windows 10 platform.
# Exploit Title : MyBB Forum 1.8.14
# Exploit Author : Pranav Jagtap
# Tested On : Windows 10 64 Bit
# LinkedIn : iampranavjagtap
# Twitter :pranavH4x0r
CSRF Vulnerability:
Authentication: Required
Description:
MyBB Forum does not check for a valid CSRF token, so an attacker could trick an authenticated user into deleting an existing user from the forum.
POC VIDEO
Wednesday, 7 February 2018
MyBB Forum 1.8.14 Vulnerability: Stored XSS
This post is about vulnerabilities which I found in MyBB Forum; the POCs were created on the Windows 10 platform.
# Exploit Title : MyBB Forum 1.8.14
# Exploit Author : Pranav Jagtap
# Tested On : Windows 10 64 Bit
# LinkedIn : iampranavjagtap
# Twitter :pranavH4x0r
Stored XSS Vulnerability:
Authentication: Required
Description:
MyBB Forum does not validate and sanitize user input properly. By taking advantage of this loophole, an attacker is able to insert malicious JavaScript and store it permanently in the forum.
Please check out the video for more info.
POC VIDEO
Thursday, 18 January 2018
Tiki wiki CMS Groupware 17.1 Multiple Vulnerabilities
This post is about vulnerabilities which I found in Tiki wiki CMS 17.1; the POCs were created on the Windows 10 platform with Firefox browser v57.0.2.
The CMS does not validate user input for special characters, which lets an attacker open CMD or Calculator on the victim's machine to perform malicious activity.
I have entered the payload: =cmd|' /C calc'!A0
Please check out the video for more info.
HTML injection is an attack that is similar to Cross-site Scripting (XSS). While in the XSS vulnerability the attacker can inject and execute JavaScript code, the HTML injection attack only allows the injection of certain HTML tags. When an application does not properly handle user-supplied data, an attacker can supply valid HTML code, typically via a parameter value, and inject their own content into the page. This attack is typically used in conjunction with some form of social engineering, as the attack is exploiting a code-based vulnerability and a user's trust.
A possible attack scenario is demonstrated below:
1. Attacker discovers injection vulnerability and decides to use an HTML injection attack
2. Attacker crafts malicious link, including his injected HTML content, and sends it to a user via email
3. The user visits the page due to the page being located within a trusted domain
4. The attacker's injected HTML is rendered and presented to the user asking for a username and password
5. The user enters a username and password, which are both sent to the attacker's server.
I have entered the payload <h1>hacked</h1> into the input field on Calendar and saved it.
Please check out the video for more info.
POC VIDEO
Monday, 17 July 2017
Bolt CMS 3.2.14 Vulnerabilities: XSS through SVG File Upload and Stored XSS
This post is about vulnerabilities which I found in Bolt CMS; the POCs were created on the Windows 10 platform.
# Exploit Title : Bolt CMS v3.2.14
# Exploit Author : Pranav Jagtap
# Tested On : Windows 10 64 Bit
# LinkedIn : iampranavjagtap
# Twitter :pranavH4x0r
XSS through SVG File Upload Vulnerability:
Authentication: Required
Description:
The CMS allows SVG files to be uploaded without checking their content. If we upload an SVG file containing JavaScript code, the CMS does not recognize that the file has JS content, and because the file carries the "Content-Type: image/svg+xml" header, the attack works.
Bolt CMS does not properly validate and sanitize user input. By taking advantage of this loophole, an attacker is able to insert malicious JavaScript and store it permanently in the website.
Please check out the video for more info.
POC VIDEO
Note: The vendor of this CMS has not accepted these vulnerabilities.