The srun3000 does not need a password to kick anyone offline.

Srun3000 is an online client used by many colleges and universities. However, the permission issue is not taken into account during the design. As a result, you do not need a password to kick any user offline. You can write a for loop to enjoy your own exclusive network. =
Log on to the srun3000, and click Settings-self-service on the client interface to go to the self-service page:
 
 
 
 
 
Click my status to go to The my status page:
 
 
 
 
 
The JS Code corresponding to this deprecation button is as follows:
 
<Script language = "javascript">
Function drop_user4 (user)
{
If (! Confirm ("the user will be deprecated. Continue? "))
Return;
Document. form1.uname1. value = user;
Document. form1.action. value = "drop_user4 ";
Document. form1.submit ();
}
Function drop_user6 (user)
{
If (! Confirm ("the user will be deprecated. Continue? "))
Return;
Document. form1.uname1. value = user;
Document. form1.action. value = "drop_user6 ";
Document. form1.submit ();
}
</Script>
 
The simple code does not need to be repeated. Note that the value of uname1.value is submitted externally but does not pass the permission check. If the value of uname1.value is submitted by another user, the user will be kicked off and the vulnerability is formed.

Use firebug or chrome Developer Tools to edit the user ID in the deprecate button:
 
Www.2cto.com
 
 
 
For any value, click deprecate. The confirmation dialog box is displayed. After confirmation, the page is displayed. If someone logs on to this ID, 1 user dropped is displayed. If no one logs on, 0 user dropped is displayed.
 
 

 
P.S. I used my next-door student for an experiment and successfully kicked him out. Hope that the vast number of skins can not be ignored, wuhawuha!
 
 
Solution :,
Check permissions, everyone will, just forget to do it.

Author CCOz