Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: about cookies

From: Eduardo Caballero <sedyer () chi spunge org>
Date: Sun, 19 May 2002 16:22:20 -0500 (CDT)
-----BEGIN PGP SIGNED MESSAGE-----

  Saludos again:


Hi Eduardo. Can you give me an example of the cookie
name (send me the header)? I know of another AudioGalaxy


  Well, the cookie have this format:

SID
135405a83dbd25061c2e7df7b4740a58
audiogalaxy.com/
0
444229504
29495451
501596672
29489518
*
cookieUsername
g----------22  <-The Username in plain text!!!.
audiogalaxy.com/
0
3688152064
29562841
1666096672
29489518
*
cookiePassword
a-------5      <-The Password in plain text!!!.
audiogalaxy.com/
0
3688152064
29562841
1666096672
29489518
*
searchPref
0
audiogalaxy.com/
0
863250176
29562844
3069262080
29489520
*


  I can see in other cookies, that this 'problem' is relatively common;
sometimes this information are encripted with cyphertext format DES or LM.


problem that, if I combine your problem with my problem,
we can probably exploit AudioGalaxy.


  Well, if it's posibble, i like know this mean.


  One more time, excuse my english. :)


  See you later, and thanks.


  ReYDeS


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv

iQEVAwUBPOZsbiW7thlnidfFAQESGgf/QkWM0FhLy2x2O/kalWDLJiuOHXjj3t50
gkXdkNQOdHqN9ZIJnMhOlHrrtMWCJD7AaR/6aL/sQUsE+D6aHDwAJ7/Nl6ijQb3v
GAs92AoW1daUsW92fPebEvJvpebaZtUw7oSF9eWnrLJULseIJCvvixToCColemJ3
eP6JFnx+ONh70aiGXzK/pP2cH/7aGr97sZNULazDiB7DJnHZLy9sb2mXddx/9mmm
uUfUxPNWDomiqjvSSnh2jkMnsC4pi94DqGRvB480nMtSMd+fGy8opf7p6f6hTmsQ
Su+24l5GLa+xuiVHd+v90EwmYy31xtBEKgtsmHOwdQba2gleUJw5mg==
=PC35
-----END PGP SIGNATURE-----


.                  .                          .
 Eduardo Caballero | ReYDeS () BigFoot com
 RareGaZz-Team Member | http://RareGaZz.com.ar
 Security Wari Projects Member | (SWP)
 ICQ: 139649191
Previous By Date Next
Previous By Thread Next

Current thread: