So there's this site that will turn an image url into an image
when you send it in a message.
For example, if I sent a message that said
It would show the HBH banner.
But it's got a problem in that if you put a PHP page with an image
extension at the end, it will try to display it.
I don't have malicious intentions, but is there any way to use that
to exploit the site?
Posts: 7 Location: United States Joined: 24.10.09 Rank: Moderate
Posted on 03-11-09 06:13
Find other files such as .txt or .html files and put that after the php question mark.
RE: Injection through PHP
Posts: Location: Joined: 01.01.70 Rank: Guest
Posted on 03-11-09 06:27
That won't work though, unless I make my script accept
The site.com would be my site, and script.php would be my script.
So for example, what I thought might work was this:
In script.php, put
and then, in a message, put this:
And I was hoping that it would say "Test" in the message.
Posts: 315 Location: Uk Joined: 24.11.06 Rank: Moderate
Posted on 03-11-09 09:42
So try it?
Try doing that and if it works you probably have yourself an exploitable hole.
Whether or not it will work really depends on the script that displays the image, whether it checks the filetype etc.
Chances are though, it just gets the URL and shoves it between <img src=" and ">
In which case you, you might have an XSS hole.
Hellbound Hackers is the collective work of the staff and the community and is therefore licensed under the CC BY-NC-SA license.