Message-ID: <912907.58995.qm@web38012.mail.mud.yahoo.com>
Date: Sun, 8 Jul 2007 03:04:29 -0700 (PDT)
From: Joseph Hick <leet16y@...oo.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Google/Orkut Authentication/Session Management Issue PoC - Interim Results

This is the interim result of a proof of concept for Google Authentication issues posted in the threads...

1.) http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/064143.html
(Orkut Server Side Management Error by Susam Pal & Vipul Agarwal)

2.) http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/064300.html
(Google Re-authentication Bypass by Susam Pal)

A session was created in Orkut at about Sat Jun 30 20:30 UTC 2007. Between June 30 and now many have hijacked this session and logged out many times but the session is alive today as verified on Sun Jul 8 at 09:43:10 UTC 2007. The cookie for this PoC session is ...

Name: orkut_state
Cookie:
ORKUTPREF=ID=11190574376736842125:INF=0:SET=111236436:LNG=1:CNT=0:RM=0:USR=aGlqYWNrbWVwbGVhc2VAZ29vZ2xlbWFpbC5jb20=:PHS=:TS=1183210062:LCL=en-US:NET=1:TOS=1:GC=DQAAAIMAAAArC-mJYqsrCOnv8uVQHdFUccRFQX8-ibRerEzrie5sOWNc06zs4z4fMNpovLUyRcNXHwxk8WzY6Z6SmvxcSmL1hAW4Mrdvazzkssq5VjSO70oE1HSFR4KOkSb3ZLg-U7k0x8c7ZuLHwu_qY2Umy8oobckg9UctWXYd1qoerXUTzsFSuLNXHdiAEVCSw7fUO00:PE=aGlqYWNrbWVwbGVhc2VAZ29vZ2xlbWFpbC5jb20=:GTI=0:GID=aGlqYWNrbWVwbGVhc2VAZ29vZ2xlbWFpbC5jb20=:VER=2:S=1Ah7VcA0JetHQ0Mgyfp4Jb6meXw=:
Domain: .www.orkut.com
Path: /
Send for: Any type of session
Expires: Expire at end of session

This proves that the session remains alive for at least 7 days after logging out. Steps to verify this...

1.) Open Firefox, etc., which allows cookie editing. This extension is required... https://addons.mozilla.org/en-US/firefox/addon/573
2.) Set the given cookie.
3.) Try to visit http://www.orkut.com/Home.aspx
4.) You will be automatically logged in with my account. It will not ask for any user-name or password.
5.) Log out.
6.) Repeat steps 1. to 4. You can log in again.

I want to see how long this session remains alive after multiple logouts. If you try this PoC, leave a message in the scrapbook of the account here ...
http://www.orkut.com/Scrapbook.aspx

Thanks
Joseph
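
The behaviour reported above (a copied session cookie still being accepted after logout) is modelled here as an added example that is not part of the original post and is not Orkut's or Google's code. It assumes one common cause, a self-validating cookie that the server cannot revoke, and contrasts it with a server-side session record that logout deletes; the class names, `MAX_AGE` and the user `alice` are hypothetical.

```python
import hashlib, hmac, secrets

MAX_AGE = 8 * 3600  # assumed absolute session lifetime, in seconds

class StatelessSessions:
    """Weak: the cookie validates itself, so logout has nothing to revoke."""
    def __init__(self):
        self._key = secrets.token_bytes(32)

    def _sign(self, body):
        return hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()

    def login(self, user, now):
        body = f"{user}|{now}"
        return f"{body}|{self._sign(body)}"

    def logout(self, cookie):
        pass  # only the browser's copy is cleared; any saved copy stays valid

    def validate(self, cookie, now):
        body, _, sig = cookie.rpartition("|")
        ok = hmac.compare_digest(sig, self._sign(body))
        return body.split("|")[0] if ok else None  # no age check either

class ServerSideSessions:
    """Hardened: opaque id, server-side record, revocation and expiry."""
    def __init__(self):
        self._live = {}  # session id -> (user, created_at)

    def login(self, user, now):
        sid = secrets.token_urlsafe(32)
        self._live[sid] = (user, now)
        return sid

    def logout(self, cookie):
        self._live.pop(cookie, None)  # a replayed copy no longer resolves

    def validate(self, cookie, now):
        user, created = self._live.get(cookie, (None, 0))
        if user is not None and now - created > MAX_AGE:
            self._live.pop(cookie, None)  # expired: drop the record
            return None
        return user

def replay_after_logout(sessions, delay):
    """Log in, keep a copy of the cookie, log out, present it `delay` s later."""
    cookie = sessions.login("alice", now=0)  # constructed sample user
    sessions.logout(cookie)
    return sessions.validate(cookie, now=delay)
```

With the stateless design the replay succeeds however long the delay is; with the server-side record it fails as soon as logout runs, and an unused session also dies at `MAX_AGE`.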