Joseph Hick wrote:
> This is the interim result of a proof of concept for
> Google Authentication issues posted in the threads...
>
> 1.)
> http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/064143.html
> (Orkut Server Side Management Error by Susam Pal &
> Vipul Agarwal)
>
> 2.)
> http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/064300.html
> (Google Re-authentication Bypass by Susam Pal)
>
> A session was created in Orkut at about Sat Jun 30
> 20:30 UTC 2007. Between June 30 and now many have
> hijacked this session and logged out many times but
> the session is alive today as verified on Sun Jul 8 at
> 09:43:10 UTC 2007. The cookie for this PoC session is
> ...
>
> Name: orkut_state
> Cookie:
> ORKUTPREF=ID=11190574376736842125:INF=0:SET=111236436:LNG=1:CNT=0:RM=0:USR=aGlqYWNrbWVwbGVhc2VAZ29vZ2xlbWFpbC5jb20=:PHS=:TS=1183210062:LCL=en-US:NET=1:TOS=1:GC=DQAAAIMAAAArC-mJYqsrCOnv8uVQHdFUccRFQX8-ibRerEzrie5sOWNc06zs4z4fMNpovLUyRcNXHwxk8WzY6Z6SmvxcSmL1hAW4Mrdvazzkssq5VjSO70oE1HSFR4KOkSb3ZLg-U7k0x8c7ZuLHwu_qY2Umy8oobckg9UctWXYd1qoerXUTzsFSuLNXHdiAEVCSw7fUO00:PE=aGlqYWNrbWVwbGVhc2VAZ29vZ2xlbWFpbC5jb20=:GTI=0:GID=aGlqYWNrbWVwbGVhc2VAZ29vZ2xlbWFpbC5jb20=:VER=2:S=1Ah7VcA0JetHQ0Mgyfp4Jb6meXw=:
> Domain: .www.orkut.com
> Path: /
> Send for: Any type of session
> Expires: Expire at end of session
>
> This proves that the session remains alive for at
> least 7 days after logging out. Steps to verify
> this...
>
> 1.) Open Firefox, etc. which allows cookie editing.
> This extension is required...
> https://addons.mozilla.org/en-US/firefox/addon/573
>
> 2.) Set the given cookie.
>
> 3.) Try to visit http://www.orkut.com/Home.aspx
>
> 4.) You will be automatically logged in with my
> account. It will not ask for any user-name or
> password.
>
> 5.) Logout
>
> 6.) Repeat steps 1. to 4. You can log in again.
>
> I want to see how long this session remains alive
> after multiple logout. If you try this POC leave a
> message in the scrapbook of the account here ...
> http://www.orkut.com/Scrapbook.aspx
>
> Thanks
> Joseph
>
It works great. But I am not able to find a similar cookie for my
account. Am I missing something?

Thanks
Deepan

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
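
An added illustration for defenders, not code from this thread or from Orkut: the thread does not say why the cookie keeps working after logout, so this sketch assumes logout only tells the browser to drop the cookie while the server keeps nothing it can revoke. The class names, `MAX_AGE`, and the users `alice` and `bob` are hypothetical.

```python
import hashlib, hmac, secrets, time

SECRET = secrets.token_bytes(32)  # constructed signing key for the demo
MAX_AGE = 3600                    # assumed absolute session lifetime (seconds)

class StatelessSessions:
    """Weak pattern: the signed cookie is the only state, so logout cannot revoke it."""
    def _sign(self, body):
        return hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    def login(self, user):
        body = f"{user}:{int(time.time())}"
        return f"{body}:{self._sign(body)}"
    def logout(self, cookie):
        pass  # server merely asks the browser to delete its copy
    def whoami(self, cookie):
        body, _, sig = cookie.rpartition(":")
        if not hmac.compare_digest(sig.encode(), self._sign(body).encode()):
            return None
        return body.split(":")[0]  # no expiry check, no revocation check

class RevocableSessions:
    """Hardened pattern: opaque random id mapped to a server-side record."""
    def __init__(self):
        self._store = {}
    def login(self, user, now=None):
        sid = secrets.token_urlsafe(32)
        self._store[sid] = (user, time.time() if now is None else now)
        return sid
    def logout(self, sid):
        self._store.pop(sid, None)  # revocation happens on the server
    def whoami(self, sid, now=None):
        record = self._store.get(sid)
        if record is None:
            return None
        user, issued = record
        if (time.time() if now is None else now) - issued > MAX_AGE:
            del self._store[sid]    # enforce absolute lifetime as well
            return None
        return user

def replay_after_logout(sessions):
    """Return what a copied cookie resolves to after its owner logs out."""
    cookie = sessions.login("alice")
    copied = cookie                 # a second client holding the same value
    sessions.logout(cookie)
    return sessions.whoami(copied)

if __name__ == "__main__":
    print("stateless :", replay_after_logout(StatelessSessions()))
    print("revocable :", replay_after_logout(RevocableSessions()))
```
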
