Help hacking Guestbook


Posted on 07-01-07 02:10
Hello,

I have been playing around with this guestbook application lately, and I think it's vulnerable to XSS. I'll explain:

I first tried
Code

<script>

in the comment box, and after quite a number of tests, I figured it won't allow the word <script>, or even <s. So to make a long story short, I have figured a way around this by "HTML entities encoding" the <script> string, so it passes, so I submitted:

Code

<script language = "Javascript">alert('Hello');</script>

So that managed to get past the filter, but when I viewed the guestbook, the string:

Code

<script language = "Javascript">alert('Hello');</script>

was there in plaintext. Why didn't the application interpret and output it as javascript? Also it allows images too, is there anything I can do with that?

Thanks.

RE: Sorry.
Posted on 07-01-07 02:12
The first javascript example was supposed to be encoded, guess this board did the same..

RE: Help hacking Guestbook
Posted on 07-01-07 07:05
Double post..




RE: Help hacking Guestbook
Posted on 07-01-07 07:05
Are you sure that HTML is allowed?


Type something like

Code
<b>Cool</b>site!

If Cool is in bold, then I can't help you any further; if it is not in bold, then I still can't help you any further.


RE: Help hacking Guestbook
Posted on 07-01-07 07:07
If they have tags like we have here using
Code
  bold

and such, you can find a way to escape that... or use the URL one to make a javascript URL that automatically redirects or something.


RE: Okay.
Posted on 07-01-07 22:19
Thanks for the replies, yes they allow HTML, you can choose between that and plain text, I'll just play around with it a bit more, if you want, PM me and I'll give you the URL, and we can work on it together. Thanks anyways.

RE: Help hacking Guestbook
Posted on 19-02-07 17:45
If they use tags like
[b]
instead of
<b>
What do you do?

RE: Help hacking Guestbook
Posted on 22-02-07 20:36
I found an XSS vulnerability in a search engine that enables JavaScript and HTML injection,
and I don't know where to go further with it too. What scripts/commands should I inject?


RE: Help hacking Guestbook
Posted on 22-02-07 20:40
If you need help hacking a guestbook then you need help with your ability to learn and grasp concepts ...


RE: Help hacking Guestbook
Posted on 22-02-07 23:24
-The_Flash- wrote:
If you need help hacking a guestbook then you need help with your ability to learn and grasp concepts ...

true that


RE: Help hacking Guestbook
Posted on 23-02-07 22:12
Well, what I mostly do (and it's freaking awesome) if they have HTML allowed is this:
Code
<img src="blah.gif" onerror="alert('hi')">

From there you can redirect, etc.
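
Added example, not code from the thread or from the guestbook application: it contrasts the "<s" blocklist described in the first post with an allowlist sanitizer for a guestbook's HTML mode. The entity-encoded string passes the blocklist only because it is text (which is why it showed up in plaintext), while the img/onerror string passes it with a live handler; the sanitizer keeps the image and drops the handler. The policy in ALLOWED and all function names are assumptions made for illustration.

```python
import re
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed policy for the guestbook's "HTML" mode: tag -> permitted attributes.
ALLOWED = {"b": set(), "i": set(), "img": {"src", "alt"}}

def blocklist_filter(comment):
    """Filter as described in the thread: reject any input containing '<s'."""
    return "<s" not in comment.lower()

def safe_url(value):
    # Browsers strip tabs/newlines and leading control characters from URLs;
    # removing all of them before the scheme check is the conservative choice.
    try:
        scheme = urlsplit(re.sub(r"[\x00-\x20]", "", value)).scheme.lower()
    except ValueError:
        return False
    return scheme in ("", "http", "https")

class Sanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED:
            return  # unknown tag dropped; its text is still emitted, escaped
        kept = ""
        for name, value in attrs:  # onerror, onload, style ... are not allowed
            if name in ALLOWED[tag] and (name != "src" or safe_url(value or "")):
                kept += f' {name}="{escape(value or "", quote=True)}"'
        self.out.append(f"<{tag}{kept}>")

    def handle_endtag(self, tag):
        if tag in ALLOWED and tag != "img":
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        # Text (including decoded entities) is re-encoded, so it stays text.
        self.out.append(escape(data, quote=False))

def sanitize(comment):
    parser = Sanitizer()
    parser.feed(comment)
    parser.close()
    return "".join(parser.out)

IMG = '<img src="blah.gif" onerror="alert(\'hi\')">'      # string from the thread
ENCODED = "&lt;script&gt;alert('Hello');&lt;/script&gt;"  # constructed encoding
```

The output is not tag-balanced (an unclosed <b> would carry over into the rest of the page), so a deployment would also close open tags or use a maintained sanitizer library.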