Advice please?

Discuss the many weaknesses of browser security and ways to mitigate the threat

Advice please?

Post by _Flyer_ on Sun Jun 17, 2012 3:26 am
([msg=67307]see Advice please?[/msg])

Hello, I'm kinda new to hacking, I'm just trying to learn, so don't laugh hard if I ask/say something stupid :P
So I've been fooling around login form on one site and discovered that " is not escaped and so typing " in field would close value of value part of input. Typing " /> would close input tag. I tried to type
Code: Select all
" /> <?php echo 'lulz'; ?>

but php got commented out
after some little research I found out that php code can be also embedded using
Code: Select all
<script language="php">echo 'lulz';</script>

so I tried injecting this instead of first option. It got injected just fine but didn't output a thing. Why?

Also, there is place on that site is vulnerable to xss through bbcode
Code: Select all
[img][url=jscodehere]wtf[/url][/img]
(" was escaped in this case, so url tag is needed to close " of scr value of img. Anything interesting I can do with "onerror" js code? I tried cookie stealing but document.cookie is empty because cookies have httponly flag
_Flyer_
New User
New User
 
Posts: 3
Joined: Sun Jun 17, 2012 3:18 am
Blog: View Blog (0)


Re: Advice please?

Post by anarchy420x on Sun Jun 17, 2012 3:56 am
([msg=67308]see Re: Advice please?[/msg])

What site?
A broken clock is right twice a day, however, I am neither up that early nor up that late...
anarchy420x
Poster
Poster
 
Posts: 279
Joined: Thu Oct 16, 2008 12:43 am
Blog: View Blog (0)


Re: Advice please?

Post by _Flyer_ on Sun Jun 17, 2012 9:30 am
([msg=67309]see Re: Advice please?[/msg])

erm does it really matter?
_Flyer_
New User
New User
 
Posts: 3
Joined: Sun Jun 17, 2012 3:18 am
Blog: View Blog (0)


Re: Advice please?

Post by anarchy420x on Sun Jun 17, 2012 10:08 am
([msg=67310]see Re: Advice please?[/msg])

_Flyer_ wrote:erm does it really matter?


Well is it your site?
A broken clock is right twice a day, however, I am neither up that early nor up that late...
anarchy420x
Poster
Poster
 
Posts: 279
Joined: Thu Oct 16, 2008 12:43 am
Blog: View Blog (0)


Re: Advice please?

Post by _Flyer_ on Sun Jun 17, 2012 10:12 am
([msg=67311]see Re: Advice please?[/msg])

obviously nop.
if it was my site, i'd ask how to prevent and not how to use
_Flyer_
New User
New User
 
Posts: 3
Joined: Sun Jun 17, 2012 3:18 am
Blog: View Blog (0)


Re: Advice please?

Post by LoGiCaL__ on Sun Jun 17, 2012 12:55 pm
([msg=67313]see Re: Advice please?[/msg])

Since it's not your site we can't help you with this.
User avatar
LoGiCaL__
Addict
Addict
 
Posts: 1062
Joined: Sun May 30, 2010 12:33 pm
Blog: View Blog (0)



Return to Web

Who is online

Users browsing this forum: No registered users and 0 guests