GSR-IconBannerAd_v1d

Security Advisories

Trustwave Press Releases

« Breaking the Authentication Chain | Main | TrustKeeper Scan Engine Update - April 3, 2013 »

02 April 2013

Comments

You are correct Ram Ram, the $hmac value is pulled directly from the user's cookie.

where does $hmac came from? when checking the session? from the user's cookie?

Correct Vikas, the PoC example will only work when it is ran on an actual wordpress installation, and it will only generate authentication cookies for that site.

So.. the code you provide has to be run on wordpress installed server, right? Otherwise, how you will you capture 4 chars of user password. Just wanted to clarify there.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment