<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7652.5">
<TITLE>phpTrafficA <=1.4.3 Admin Login Bypass</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/plain format -->
<P><FONT SIZE=2>-=[--------------------ADVISORY-------------------]=-<BR>
<BR>
phpTrafficA <=1.4.3<BR>
<BR>
Author: CorryL [corryl80@gmail.com] <BR>
-=[-----------------------------------------------]=-<BR>
<BR>
<BR>
-=[+] Application: phpTrafficA<BR>
-=[+] Version: <=1.4.3<BR>
-=[+] Vendor's URL: <A HREF="http://soft.zoneo.net/phpTrafficA/index.php">http://soft.zoneo.net/phpTrafficA/index.php</A><BR>
-=[+] Platform: Windows\Linux\Unix<BR>
-=[+] Bug type: Admin Login Bypass<BR>
-=[+] Exploitation: Remote<BR>
-=[-]<BR>
-=[+] Author: CorryL ~ corryl80[at]gmail[dot]com ~<BR>
-=[+] Reference: <A HREF="http://corryl.altervista.org/">http://corryl.altervista.org/</A><BR>
-=[+] Irc Chan: irc.darksin.net #x0n3-h4ck <BR>
-=[+] Dork: intitle:phpTrafficA -- web statistics<BR>
<BR>
..::[ Descriprion ]::..<BR>
<BR>
phpTrafficA is a GPL statistical tool for web traffic analysis, written in php and mySQL.<BR>
It can track access counts to your website, search engines, keywords,<BR>
and referrers that lead to you, operating systems, web browsers, visitor retention,<BR>
path analysis, and a lot more!<BR>
<BR>
<BR>
<BR>
..::[ Bug ]::..<BR>
<BR>
This software is affection from a bug type login bypass, a remote attaker<BR>
is able to exploit this vulnerability for loghing with privileges to administrator.<BR>
To exploit this bug needs to use a software to track and modify https / https request, example<BR>
"TamperData" an addons for firefox that allows to do this.<BR>
Once intercepted the http request adding a header "Cookie" with the value username=traffic.<BR>
<BR>
..::[ Proof Of Concept ]::..<BR>
<BR>
adding the header Cookie with the value username=traffic<BR>
<BR>
</FONT>
</P>
</BODY>
</HTML>