Follow us on Twitter!
It is never to LATE to become what you never WERE.
Thursday, April 24, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 15
Guests Online: 14
Members Online: 1

Registered Members: 82889
Newest Member: Geriztul
Latest Articles
View Thread

HellBound Hackers | Computer General | Web hacking

Author

how to hack guestbooks


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 11-12-07 19:50
I have read all the articles about this. Googled this and asked a friend still i cannot get help. The codes for a broken or alerts like <img src="javascript:void(window.location=('http://www.google.com'Wink)">
just display the code and not a alert box please help me. I realize that code above is not a alert box Smile.


PS
dont flame me please! *Takes out fire extiguiser :wow:*
Author

RE: how to hack guestbooks


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 11-12-07 20:09
dude...if all it shows is the code, then it's not vulnerable to that code xD


Author

RE: how to hack guestbooks


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 11-12-07 20:09
html has to be enabled for code to be run Pfft.


Author

RE: how to hack guestbooks


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 11-12-07 21:25
z3ro wrote:
html has to be enabled for code to be run Pfft.

z3ro, r u taking drugs?

OK, man. You can use XSS (Cross Side Scripting) just in case that gb is vulnerable on that attack (input to gb isn't cheked against using of tags, that means programmer didn't use functions on it like: htmlspecialchars or htmlentities (they also use strip_tags, but I don't recommend this one)


And z3ro: beware of taking drugs, it ruins you :happy:


Author

RE: how to hack guestbooks


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 11-12-07 21:50
And z3ro: beware of taking drugs, it ruins you


LIES!


Author

RE: how to hack guestbooks


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 11-12-07 22:32
bushido wrote:
I have read all the articles about this. Googled this and asked a friend still i cannot get help. The codes for a broken or alerts like <img src="javascript:void(window.location=('http://www.google.com'))">
just display the code and not a alert box please help me. I realize that code above is not a alert box :).


PS
dont flame me please! *Takes out fire extiguiser :wow:*



Btw that's way fucking wrong. It looks somethign like this:

Code

<img src="error.gif" onerror="alert('slpctrl pwnz j000000');">





Edited by on 11-12-07 22:34
Author

RE: how to hack guestbooks

spyware
Member



Posts: 4192
Location:
Joined: 14.04.07
Rank:
God
Warn Level: 90
Posted on 11-12-07 22:45
Btw that's way fucking wrong.


It's not wrong.



img507.imageshack.us/img507/3580/spynewsig3il1.png
"The chowner of property." - Zeph
[small]
Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.
- Carl Sagan
[center]�Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?� - Ebert[/ce
Author

RE: how to hack guestbooks


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 11-12-07 22:49
spyware wrote:
Btw that's way fucking wrong.


It's not wrong.


So, it won't just make some bunk javascript into a link?


*tests*


It doesn't work Angry

Edited by on 11-12-07 22:50
Author

RE: how to hack guestbooks

spyware
Member



Posts: 4192
Location:
Joined: 14.04.07
Rank:
God
Warn Level: 90
Posted on 11-12-07 22:50
slpctrl wrote:
So, it won't just make some bunk javascript into a link?

*tests*


Try IE (6.0). Like I said, it's not wrong.



img507.imageshack.us/img507/3580/spynewsig3il1.png
"The chowner of property." - Zeph
[small]
Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.
- Carl Sagan
[center]�Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?� - Ebert[/ce
Author

RE: how to hack guestbooks


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 11-12-07 22:51
WEll now. No fucking shit the tags were stripped. Thats why his code didnt run. Most guestbooks give u an option to allowing users to put html in their post. If this option tags will be stripped and code not run. =html not enabled


Author

RE: how to hack guestbooks

spyware
Member



Posts: 4192
Location:
Joined: 14.04.07
Rank:
God
Warn Level: 90
Posted on 11-12-07 23:05
z3ro wrote:
WEll now. No fucking shit the tags were stripped. Thats why his code didnt run. Most guestbooks give u an option to allowing users to put html in their post. If this option tags will be stripped and code not run. =html not enabled


Lol, you get stopped by a simple defense mechanism like that? Join sla.ckers.org or something, you might learn something.



img507.imageshack.us/img507/3580/spynewsig3il1.png
"The chowner of property." - Zeph
[small]
Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.
- Carl Sagan
[center]�Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?� - Ebert[/ce