Wednesday, April 16, 2014
HellBound Hackers | HellBound Hackers | Questions

xss input

Posted on 23-09-08 21:35
I have come across a vulnerability on a site; however, I have noticed that the vulnerability only responds to the following input:
Code
"><script>alert('TEST')</script>



So in other words this doesn't work:
Code
<script>alert('TEST')</script>




My question is why would using the "> make it function properly? Is that how the server interprets a set of direct server input or something of that nature?


RE: xss input

spyware
Posted on 23-09-08 21:41
You have to close another tag first.

Example: <input text="<XSS HERE>">blah</input>



img507.imageshack.us/img507/3580/spynewsig3il1.png
"The chowner of property." - Zeph
[small]
Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.
- Carl Sagan
“Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?” - Ebert
[/s
http://bitsofspy.net
RE: xss input

Posted on 23-09-08 21:58
So the > closes the tag. And the tag it is closing is the tag for the search. So I close the search and then I am free to XSS. I am not going to though. Not on this site. I may just warn them to fix the issue. Otherwise I am going to stay out of it. I was only wondering about the closing tag. Thanks.


RE: xss input

spyware
Posted on 23-09-08 22:00
chronicburst wrote:
So the > closes the tag. And the tag it is closing is the tag for the search. So I close the search and then I am free to XSS. I am not going to though. Not on this site. I may just warn them to fix the issue. Otherwise I am going to stay out of it. I was only wondering about the closing tag. Thanks.


">



RE: xss input

Posted on 23-09-08 22:20
spyware wrote:
You have to close another tag first.

Example: <input text="<XSS HERE>">blah</input>



As spyware pointed out, it closes the other quotes and tags.
This is what you'll get when you use the "> instead of just the <script>...</script>:

<input text="">[XSS]</input>
So it executes what's outside of the <input text=""> instead of what's inside the quotes.

Sorry if I couldn't be more informative but I don't know how to explain it any better than that.

Hope this helped.






Edited by on 23-09-08 22:23
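
Added example, not part of the original thread: the two inputs from the first post are run through Python's standard HTML parser to show why only the one starting with "> produces a script element, and how attribute-context encoding stops that. The render functions, the field name q and the value attribute are hypothetical stand-ins for the site's search template.

```python
from html import escape
from html.parser import HTMLParser

# Inputs quoted from the thread.
PLAIN = "<script>alert('TEST')</script>"
BREAKOUT = '">' + PLAIN


class TagLister(HTMLParser):
    """Collect each start tag and its attributes as the HTML parser sees them."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, dict(attrs)))


def render_unsafe(term):
    # Hypothetical search template: the term is pasted into a quoted attribute.
    return '<input type="text" name="q" value="' + term + '">'


def render_safe(term):
    # Same template with attribute-context encoding; quote=True encodes " and '.
    return '<input type="text" name="q" value="' + escape(term, quote=True) + '">'


def parse(markup):
    lister = TagLister()
    lister.feed(markup)
    lister.close()
    return lister.tags


def start_tags(markup):
    return [tag for tag, _ in parse(markup)]


def reflected_value(markup):
    # Value of the first element's "value" attribute after entity decoding.
    return parse(markup)[0][1].get("value")


if __name__ == "__main__":
    for label, render in (("unsafe", render_unsafe), ("safe", render_safe)):
        for term in (PLAIN, BREAKOUT):
            print(label, repr(term), "->", start_tags(render(term)))
```

With the encoded template the parser sees a single input element whose value is the literal text the user typed, so the search box still shows the original string.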
RE: xss input

spyware
Posted on 23-09-08 22:41
...bit of a nasty echo in here, isn't there? Weird. Thought HBH was too shallow to be able to echo.



RE: xss input

Posted on 23-09-08 23:11
spyware wrote:
...bit of a nasty echo in here, isn't there? Weird. Thought HBH was too shallow to be able to echo.


I was just trying to help.


RE: xss input

spyware
Posted on 23-09-08 23:14
DarkMantis wrote:
I was just trying to help.


Help...
elp..
elp..



RE: xss input

Posted on 23-09-08 23:15
¬_¬


RE: xss input

Posted on 24-09-08 00:09
Haha alright understood. Thanks spyware.
And you too mantis (for trying).