Today, a friend of mine was really proud to show me the [Home Automation][] installation he just bought. Well, since he lives in France and I am in DC, he showed me the web interface that was able to control the lights etc. in his house. As he wanted to test this home automation system, he only plugged his Christmas tree lights into it.
It was so easy to make them blink with a simple script that I showed it to him. So well, every 5 seconds, it would change their state.
Anyway, this CSRF is not a big deal for him since it's only the Christmas tree lights, it's only a temporary installation and, well, it's fun. But after a simple Google search, I found another site like my friend's. The URL that Google returned is:
http://XXX.XXX.XXX.XXX:88/control_exe.htm;3;1;ON
Which basically turns some device ON... :)
Also, not only does this application have tons of CSRF, but it also has a nice stored XSS which lets you do whatever you want with it! And btw, since the Google robot reported this URL, it means that every time it crawls the website (or at least, reaches that particular URL), it will set the device ON :)
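As an added example (not the product's code or anything from the post itself), here is what the two sides of this look like in Python: a check a fixed controller would have to pass before switching anything, and a scan over constructed access-log lines that surfaces state changes triggered by a crawler or by a link planted on another page. The URL shape is the one quoted above; the log lines, hostnames and `own_origin` value are assumptions.

```python
import hmac
import re
from urllib.parse import urlparse

# Constructed example (not the product's code). Models the URL shape quoted in
# the post, /control_exe.htm;<device>;<channel>;<state>, which changes state on
# a plain GET, so any page or crawler that fetches it flips the device.
CONTROL_RE = re.compile(r"^/control_exe\.htm;(\d+);(\d+);(ON|OFF)$")

def parse_control_path(path):
    """Return (device, channel, state) for the controller's path, else None."""
    m = CONTROL_RE.match(path)
    return (int(m.group(1)), int(m.group(2)), m.group(3)) if m else None

def same_origin(url, own_origin):
    a, b = urlparse(url or ""), urlparse(own_origin)
    return (a.scheme, a.netloc) == (b.scheme, b.netloc)

def is_authorized_state_change(method, headers, form, session_token, own_origin):
    """What a fixed controller should require before switching anything: POST,
    a same-origin Origin/Referer, and a per-session CSRF token. A crawler's GET
    or a GET planted in another page (the blinking-tree script) fails all three."""
    if method != "POST":
        return False
    if not same_origin(headers.get("Origin") or headers.get("Referer"), own_origin):
        return False
    return bool(session_token) and hmac.compare_digest(form.get("csrf_token", ""), session_token)

# Constructed access-log lines (combined log format) for the detection side.
SAMPLE_LOG = """\
1.2.3.4 - - [24/Dec/2010:10:00:01 +0100] "GET /control_exe.htm;3;1;ON HTTP/1.1" 200 512 "-" "Mozilla/5.0 (compatible; Googlebot/2.1)"
10.0.0.5 - - [24/Dec/2010:10:00:06 +0100] "GET /control_exe.htm;3;1;OFF HTTP/1.1" 200 512 "http://10.0.0.2:88/" "Mozilla/5.0"
10.0.0.5 - - [24/Dec/2010:10:00:11 +0100] "GET /index.htm HTTP/1.1" 200 2048 "http://10.0.0.2:88/" "Mozilla/5.0"
"""
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\w+) (\S+) [^"]*" \d+ \d+ "([^"]*)" "([^"]*)"$')

def find_unsafe_switches(log_text, own_origin):
    """Every GET that changed device state is a finding; mark those that did not
    come from the controller's own pages (crawlers, links embedded elsewhere)."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, method, path, referer, ua = m.groups()
        parsed = parse_control_path(path)
        if parsed is None or method != "GET":
            continue
        hits.append({"ip": ip, "state": parsed[2], "ua": ua,
                     "foreign": not same_origin(referer, own_origin)})
    return hits
```

Run against the sample log, the Googlebot hit shows up with no referer at all, which is exactly the "crawler sets the device ON" case described above.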
Web security enters your house, f34rs!