Sign in or 
| Version | User | Scope of changes |
|---|---|---|
| Nov 1 2007, 8:51 AM EDT (current) | sanjivnidamboor | 4 words added, 3 words deleted |
| Nov 1 2007, 8:49 AM EDT | sanjivnidamboor | 1 word added, 1 word deleted |
Changes
Key: Additions Deletions
I have come across to this site and can't stop my self to laugh at their security.
Site Name : file27.com - File Uploading Site
Security Bug Area ; Login in Their admin panel easily
Guide :
Go to file27.com/admin.php and register fake ID ( do not use your general ID and Password which you are using normally )
Once you registered then Login in your member area from file27.com/admin.php
Now get Firefox's Cookie Editor https://addons.mozilla.org/firefox/addon/573
If you alredyalready have cookie editor then Open it and Search file27's cookies
find the cookie named is_admin and replace Put 1 in its Content Box
Now again visit that page file27.com/admin.php ( Do not refresh but visit it again )
Now you are in Admin Panel of that site
Select User Management from DropdownDrop down and view ID and Pass of all members of that site
( From my experinceexperience most of user choose same password for their all accounts like email, payment transation etc so good luck with you )
I have mailed to this site's owner before some days but he have not fixed his bug, I am security Auditor not hacker and I am no responsible for any damage
Enter at your own risk!
Thanks to spygadgets,
Credit: spygadgets.page.tl-sid
Site Name : file27.com - File Uploading Site
Security Bug Area ; Login in Their admin panel easily
Guide :
Go to file27.com/admin.php and register fake ID ( do not use your general ID and Password which you are using normally )
Once you registered then Login in your member area from file27.com/admin.php
Now get Firefox's Cookie Editor https://addons.mozilla.org/firefox/addon/573
If you alredyalready have cookie editor then Open it and Search file27's cookies
find the cookie named is_admin and replace Put 1 in its Content Box
Now again visit that page file27.com/admin.php ( Do not refresh but visit it again )
Now you are in Admin Panel of that site
Select User Management from DropdownDrop down and view ID and Pass of all members of that site
( From my experinceexperience most of user choose same password for their all accounts like email, payment transation etc so good luck with you )
I have mailed to this site's owner before some days but he have not fixed his bug, I am security Auditor not hacker and I am no responsible for any damage
Enter at your own risk!
Thanks to spygadgets,
Credit: spygadgets.page.tl-sid
