Sunday, July 08, 2007

Google/Orkut Authentication/Session Management Issue PoC

A session was created in Orkut at about Sat Jun 30 20:30 UTC 2007. Between June 30 and now, many people have hijacked this session and logged out of it many times, yet the session is still alive today, as verified on Sun Jul 8 at 09:43:10 UTC 2007. The cookie for this PoC session is ...

Name: orkut_state
Cookie:
ORKUTPREF=ID=11190574376736842125:INF=0:SET=111236436:LNG=1:CNT=0:RM=0:USR=aGlqYWNrbWVwbGVhc2VAZ29vZ2xlbWFpbC5jb20=:PHS=:TS=1183210062:LCL=en-US:NET=1:TOS=1:GC=DQAAAIMAAAArC-mJYqsrCOnv8uVQHdFUccRFQX8-ibRerEzrie5sOWNc06zs4z4fMNpovLUyRcNXHwxk8WzY6Z6SmvxcSmL1hAW4Mrdvazzkssq5VjSO70oE1HSFR4KOkSb3ZLg-U7k0x8c7ZuLHwu_qY2Umy8oobckg9UctWXYd1qoerXUTzsFSuLNXHdiAEVCSw7fUO00:PE=aGlqYWNrbWVwbGVhc2VAZ29vZ2xlbWFpbC5jb20=:GTI=0:GID=aGlqYWNrbWVwbGVhc2VAZ29vZ2xlbWFpbC5jb20=:VER=2:S=1Ah7VcA0JetHQ0Mgyfp4Jb6meXw=:
Domain: .www.orkut.com
Path: /
Send for: Any type of session
Expires: Expire at end of session
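
The behaviour reported above, a cookie that is still accepted after logout, shown next to a server that revokes the session on logout and enforces an absolute lifetime. This is an added example, not code from the original post and not Orkut's or Google's implementation; the `USR`/`SID`/`TS`/`S` cookie layout, the class names and the one-hour lifetime are assumptions made for the demonstration.

```python
import hmac
import secrets
import time

SECRET = secrets.token_bytes(32)  # constructed signing key for this demo

def sign(payload):
    return hmac.new(SECRET, payload.encode(), "sha256").hexdigest()

def issue_cookie(user, sid):
    if ":" in user:
        raise ValueError("':' is the field separator")
    payload = f"USR={user}:SID={sid}:TS={int(time.time())}"
    return f"{payload}:S={sign(payload)}"

def parse_cookie(cookie):
    """Return the cookie fields if the signature verifies, else None."""
    payload, sep, sig = cookie.rpartition(":S=")
    if not sep or not hmac.compare_digest(sig.encode(), sign(payload).encode()):
        return None
    return dict(f.split("=", 1) for f in payload.split(":"))

class SignatureOnlyServer:
    """Weak: any correctly signed cookie is accepted; logout revokes nothing."""
    def login(self, user):
        return issue_cookie(user, secrets.token_hex(16))
    def logout(self, cookie):
        pass  # no server-side state, so there is nothing to invalidate
    def is_authenticated(self, cookie):
        return parse_cookie(cookie) is not None

class RevokingServer:
    """Hardened: a cookie is valid only while its SID is in the server-side store."""
    MAX_AGE = 3600  # absolute session lifetime in seconds (assumed policy)
    def __init__(self):
        self.active = {}  # sid -> (user, created_at)
    def login(self, user):
        sid = secrets.token_hex(16)
        self.active[sid] = (user, time.time())
        return issue_cookie(user, sid)
    def logout(self, cookie):
        fields = parse_cookie(cookie)
        if fields:
            self.active.pop(fields["SID"], None)
    def is_authenticated(self, cookie):
        fields = parse_cookie(cookie)
        entry = self.active.get(fields["SID"]) if fields else None
        if entry is None or time.time() - entry[1] > self.MAX_AGE:
            return False
        return entry[0] == fields["USR"]
```

With `SignatureOnlyServer`, a copy of the cookie taken before logout keeps authenticating afterwards; with `RevokingServer`, the same copy is rejected as soon as any holder logs out or the lifetime elapses.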


Google Authentication issues posted in the threads...

1.) http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/064143.html
(Orkut Server Side Management Error by Susam Pal & Vipul Agarwal)

2.) http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/064300.html
(Google Re-authentication Bypass by Susam Pal)
