Hello all , It's been a long day since i blogged
Recently i was fuzzing around our college gate pass management system and found something intresting , the cookie that was set was a base64 encoded json object , which was further encrypted and had mac in it !
The cookie was actually produced by Laravel PHP framework , the format of json is {iv,value,mac} , and i found a bug (by googling) in it's encryption algoritm (iv was not used in mac)
and another '!=' comparision was used in mac comparision hence leading to PHP type-juggling bug , i was very excited to exploit it but unfortunately the bug
was patched since 2014 :(
I am going to continue hunting for bugs , hope see you with another bug :)