NetCat forum holes
You have probably already heard about Netcat CMS and have even seen some code samples of this CMS.
Since then, the guys have promised to improve and, among other things, a year ago promised to release a new forum in half a year. Go and now there.
Moreover, already a year later a bug was found, which makes it very easy to write on their forum on behalf of any user. And this bug has not yet been fixed in the versions that the company sells, not on the company's website.
')
So I decided to share this bug.
1) We go in any thread of the forum , let this be for definiteness.
1.5) If you are logged in, you need to log out.
2) Click Answer
3) Enter the number in the "Username" field.
Everything!
The number that we entered and will be the ID of the user on whose behalf the message will appear.
You can imagine what a mess is going on in the system code.
UPD. Now the forum on the company's website is closed. If a patch appears in the near future, we can assume that I achieved what I wanted by publishing this article.
Since then, the guys have promised to improve and, among other things, a year ago promised to release a new forum in half a year. Go and now there.
Moreover, already a year later a bug was found, which makes it very easy to write on their forum on behalf of any user. And this bug has not yet been fixed in the versions that the company sells, not on the company's website.
')
So I decided to share this bug.
1) We go in any thread of the forum , let this be for definiteness.
1.5) If you are logged in, you need to log out.
2) Click Answer
3) Enter the number in the "Username" field.
Everything!
The number that we entered and will be the ID of the user on whose behalf the message will appear.
You can imagine what a mess is going on in the system code.
UPD. Now the forum on the company's website is closed. If a patch appears in the near future, we can assume that I achieved what I wanted by publishing this article.
Source: https://habr.com/ru/post/65121/
All Articles