Follow us on Twitter!
Society leans ever heavily on computers, if you have the power to take out computers you can take out society. - cubeman372
Wednesday, April 16, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 11
Guests Online: 11
Members Online: 0

Registered Members: 82800
Newest Member: santana1744
Latest Articles
View Thread

HellBound Hackers | Computer General | Hacking in general

Author

Reading Mozilla's Color Coding in 'view source'

Infam0us
Member



Posts: 153
Location: 0x080484c6
Joined: 06.09.07
Rank:
Apprentice
Posted on 25-06-08 05:53
I understand what green (comments) black (attribute) blue (value) red (end tag) and Purple (tags), but wth does pink mean? I tried some php injection on a website and my injected php wasn't visible on the page after it was reloaded, but when I viewed the source it was in the source where i injected it but it was pink?

Any Idea?



"Never memorize what you can look up in books." -Albert Einstein
www.rohitab.com/discuss/style_emoticons/default/suicide_anim.gif
[img]http://www.hellboundhackers.org/fusion_infusions/buddy_panel/buddy_delete.php?id=2783[/img]


[img]javasc ript:alert(document.cookie);[/img]
Author

RE: Reading Mozilla's Color Coding in 'view source'

DeafCode
Member



Posts: 214
Location:
Joined: 04.05.08
Rank:
Apprentice
Warn Level: 30
Posted on 25-06-08 05:55
i think pink is for server side executable code



:ninja:
http://2130706433
Author

RE: Reading Mozilla's Color Coding in 'view source'

Infam0us
Member



Posts: 153
Location: 0x080484c6
Joined: 06.09.07
Rank:
Apprentice
Posted on 25-06-08 06:28
DeafCode wrote:
i think pink is for server side executable code


strange then i wonder why it didnt execute? this server has no input validation, and i would like to upload a shell and leave a note for the admin..

I tried to do a header <?php (location: http://google.com); ?> what would be a reason for that not executing??


"Never memorize what you can look up in books." -Albert Einstein
www.rohitab.com/discuss/style_emoticons/default/suicide_anim.gif
[img]http://www.hellboundhackers.org/fusion_infusions/buddy_panel/buddy_delete.php?id=2783[/img]


[img]javasc ript:alert(document.cookie);[/img]
Author

RE: Reading Mozilla's Color Coding in 'view source'

DeafCode
Member



Posts: 214
Location:
Joined: 04.05.08
Rank:
Apprentice
Warn Level: 30
Posted on 25-06-08 07:09
idk im not good with we programming



:ninja:
http://2130706433
Author

RE: Reading Mozilla's Color Coding in 'view source'

clone4
Member



Posts: 586
Location: He is back and he's bad!
Joined: 25.11.07
Rank:
Mad User
Posted on 25-06-08 08:41
You can't inject php through XSS!!!! Only through RFI, if you use search page, there is few days old thread where Mr_Cheese explains it

btw pink color is server side code, that doesn't get executed on the server


[img][/img]img164.imageshack.us/img164/5713/perlvl0.jpg

clone4.freehostia.com/ubuntu_3.png
spyware - "They see me trollin'..."
<yaragn> ever seen that movie? The Matrix?
<yaragn> with those green lines of flying text?
<yaragn> *THAT'S* Perl



Edited by clone4 on 25-06-08 08:42
clone_4@hotmail.com
Author

RE: Reading Mozilla's Color Coding in 'view source'

Uber0n
Member



Posts: 1963
Location: Sweden‭‮
Joined: 13.06.06
Rank:
Hacker Level 3
Posted on 25-06-08 09:51
clone4 wrote:
You can't inject php through XSS!!!! Only through RFI

@OP: Listen to this. There's a big difference between injecting PHP and injecting HTML or javascript.

@clone4: It's not only possible through RFI; let's not forget about eval() Wink (although RFI is far more common)


img230.imageshack.us/img230/724/uber0nsig3hj6.gif
http://uber0n.web. . .
Nope http://uber0n.webs.com/
Author

RE: Reading Mozilla's Color Coding in 'view source'

clone4
Member



Posts: 586
Location: He is back and he's bad!
Joined: 25.11.07
Rank:
Mad User
Posted on 25-06-08 10:02
Uber0n wrote:
@clone4: It's not only possible through RFI; let's not forget about eval() Wink (although RFI is far more common)



yeah forgot about that one Smile well thx for correction Grin


[img][/img]img164.imageshack.us/img164/5713/perlvl0.jpg

clone4.freehostia.com/ubuntu_3.png
spyware - "They see me trollin'..."
<yaragn> ever seen that movie? The Matrix?
<yaragn> with those green lines of flying text?
<yaragn> *THAT'S* Perl

clone_4@hotmail.com