
Cibleclick.com cookie exploit


Overview


Cibleclick.com stores passwords in clear text in cookies
Discovered on 23/03/2002
Vendor: http://www.cibleclick.com

Risk


Exploit easiness: 5/5
Vulnerability spreading: 3/5
Impact: 4/5
Risk: 4/5

Summary


Cibleclick is a French affiliate program based on banner exchange. Cibleclick offers personalized services including statistics, banner choice, etc. These services rely on login/password authentication and use a cookie. The password is stored in clear text in that cookie.

Details


This is part of the Cibleclick cookie:
CIBLE_CLICK_IDENT_ID
my_session_id
www.cibleclick.com/
0
3546759168
32088942
2512385488
29489647
*
PASSWORDD
my_password
www.cibleclick.com/
...Some crap here...

In this example, my_session_id and my_password are the session ID and the password, both in clear text.
Retrieving the cookie is possible for anyone with access to the cookies.txt file, or through a man-in-the-middle attack; in addition, several browser vulnerabilities allow remote sites to retrieve cookies that were not set by them. This enables malicious web site operators to 'steal' the Cibleclick cookie and thereby recover the password.

Exploit


A proof-of-concept exploit was written in Visual Basic and can be downloaded at https://www.securiteinfo.com/download/cibleclick.zip. This program searches for the cookie on the disk drive and, if found, prints the password on the screen.

Solution


The solution is to use a session ID only, and never store the password in the cookie.
The vendor has been informed and has not solved the problem.
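The following added example illustrates the pattern described in the Details section next to the fix recommended in the Solution section. It is not Cibleclick's code and not part of the original advisory: the user table, cookie names and session store are constructed for the example. login_vulnerable() echoes the password back into a cookie, as the advisory reports; login_hardened() issues only a random session ID that is mapped to the user on the server side, with the HttpOnly, Secure and SameSite attributes set. cookie_leaks_secret() is a small audit helper that checks whether any cookie value carries a given secret.

```python
import hmac
import secrets
from http.cookies import SimpleCookie

# Constructed user table for the example only. A real deployment stores a
# password hash, never the password itself.
USERS = {"alice": "s3cret"}

# Server-side session store: opaque session id -> username (in memory here).
SESSIONS = {}


def _password_ok(username, password):
    # Constant-time comparison; the default "" makes unknown users fail.
    return hmac.compare_digest(USERS.get(username, ""), password)


def login_vulnerable(username, password):
    """The pattern the advisory describes: the password is sent back to the
    browser as a cookie value in clear text."""
    if not _password_ok(username, password):
        return None
    cookie = SimpleCookie()
    cookie["IDENT_ID"] = secrets.token_hex(8)
    cookie["PASSWORD"] = password          # clear-text password on the client
    for morsel in cookie.values():
        morsel["path"] = "/"
    return cookie


def login_hardened(username, password):
    """Recommended fix: a random session id only; the password never leaves
    the server, and the cookie is protected from scripts and plain HTTP."""
    if not _password_ok(username, password):
        return None
    session_id = secrets.token_urlsafe(32)   # 256 bits from a CSPRNG
    SESSIONS[session_id] = username
    cookie = SimpleCookie()
    cookie["SESSION_ID"] = session_id
    morsel = cookie["SESSION_ID"]
    morsel["path"] = "/"
    morsel["httponly"] = True    # not readable by page scripts
    morsel["secure"] = True      # only sent over TLS
    morsel["samesite"] = "Strict"
    return cookie


def user_for_cookie(cookie_header):
    """Resolve a Cookie request header to a user via the server-side store."""
    received = SimpleCookie()
    received.load(cookie_header)
    sid = received.get("SESSION_ID")
    return SESSIONS.get(sid.value) if sid else None


def cookie_leaks_secret(cookie, secrets_to_check):
    """Audit helper: names of cookies whose value contains any given secret."""
    return [name for name, morsel in cookie.items()
            if any(s in morsel.value for s in secrets_to_check)]


if __name__ == "__main__":
    bad = login_vulnerable("alice", "s3cret")
    print("vulnerable headers:\n" + bad.output())
    print("leaking cookies:", cookie_leaks_secret(bad, ["s3cret"]))
    good = login_hardened("alice", "s3cret")
    print("hardened headers:\n" + good.output())
    print("leaking cookies:", cookie_leaks_secret(good, ["s3cret"]))
    print("user:", user_for_cookie("SESSION_ID=" + good["SESSION_ID"].value))
```

The hardened cookie is only a handle: stealing it still allows session hijacking until it expires or is invalidated server-side, but it can be revoked by deleting the store entry and reveals nothing about the password, which the clear-text cookie in the advisory cannot offer.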

Discovered by


Arnaud Jacques
webmaster@securiteinfo.com
