Using alternate characters, it is possible to spoof a user identity in PHP-Post.
e51b0103582e4d9ccb554e4e8e701319f0a3fab7e9dab9e001850b5d433519ff
~ PHOX: PHP-Post Exploit ~
###
# Content
###
- Credits
- BICWAE
- Solution
- Contact
###
# Credits
###
Exploit discovered by Phoxpherus (Phorce), Phox (R&P), Terencentanio (Root32)
Thanks to SilentWolf for the name (BICWAE) ... lmao
###
# BICWAE - Bypassing Input Check With Alternate Entries
###
It's possible to 'spoof' your user identity using alternate characters.
Using the user "Dave" for example (who is an admin at the official site), if we go to the registration page and try to sign up as "Dave"... no dice. However, if we sign up as "Dave"... dice.
Now, we can login as "Dave" and every time someone views our username, it'll be displayed as "Dave".
You may ask what use this is, as it can't grant access to anything in particular, but if you were going to SE your way in, this would be a _VERY_ helpful tool. I aren't going to go into the methods, reason speaks for itself.
###
# Solution
###
You can filter the input either by using:
str_replace("&#", "");
or
str_replace("&", "&")
... or anything else, I suppose. These are just 2 that spring to mind.
###
# Contact
###
Email: terencentanio.enache@btopenworld.com
MSN: al_bhed_brother@microsoft.com
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed