Donate to us via Paypal!
Understanding is the answer, hatred is the problem, and hackers are the slaves abused and destroyed in the process of peace online - Deshouleres
Thursday, October 29, 2020
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 110
Guests Online: 108
Members Online: 2

Registered Members: 129474
Newest Member: ZoboCop2
Latest Articles

View Thread

HellBound Hackers | Computer General | Web hacking

Author

Email Script


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 13-08-07 18:22
Here's an email script I came across online,

<form action="/contact.php">
<div><label>Email:</label><br />
<input name="email" type="text" /></div>
<div><label>Name:</label><br />
<input name="name" type="text" /></div>
<div><label>Subject:</label></p>
<select name="subject">
<option>Question</option><br />
<option>Question</option><br />

<option>Question</option><br />
<option>Question</option><br />
</select>
</div>
<div><label>Message</label><textarea name="message"></textarea></div>
<input type="submit" class="button" value="Send Message" />
</form>

does anyone see any vuln that could be exploited? Be specific so I can try and fix them. like sql injections or whatnot.
Author

RE: Email Script

spyware
Member



Posts: 4192
Location:
Joined: 14.04.07
Rank:
God
Warn Level: 90
Posted on 13-08-07 18:24
Post the source of PHP otherwise we can't search for exploits, also, you might want to start with searching yourself first.

Learning SQL & PHP will give you great insight in the anatomy of a program, and therefore great insight in hackable portions of code.



img507.imageshack.us/img507/3580/spynewsig3il1.png
"The chowner of property." - Zeph
[small]
Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.
- Carl Sagan
[center]�Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?� - Ebert[/ce
Author

RE: Email Script


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 13-08-07 18:28
I see like 5 buffer overflows
Author

RE: Email Script

spyware
Member



Posts: 4192
Location:
Joined: 14.04.07
Rank:
God
Warn Level: 90
Posted on 13-08-07 18:29
a-hack wrote:
I see like 5 buffer overflows


Maybe the values of the inputs are being cut in PHP? You don't know that...



img507.imageshack.us/img507/3580/spynewsig3il1.png
"The chowner of property." - Zeph
[small]
Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.
- Carl Sagan
[center]�Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?� - Ebert[/ce
Author

RE: Email Script


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 13-08-07 18:36
i was kidding...
lol sorry i fixed my sig




Edited by on 13-08-07 18:40
Author

RE: Email Script

spyware
Member



Posts: 4192
Location:
Joined: 14.04.07
Rank:
God
Warn Level: 90
Posted on 13-08-07 18:38
a-hack wrote:
i was kidding...


Ah okay Pfft. Anyway, HOLY SIG?!



img507.imageshack.us/img507/3580/spynewsig3il1.png
"The chowner of property." - Zeph
[small]
Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.
- Carl Sagan
[center]�Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?� - Ebert[/ce