|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 46
Members: 0
Total: 46
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Help me XSS Php-nuke 7.6 |
|
Posted: Thu Feb 24, 2005 3:04 pm |
|
|
Dora |
Regular user |
|
|
Joined: Dec 21, 2004 |
Posts: 10 |
|
|
|
|
|
|
|
I read xploit in nukie 7.6
URL
modules.php?name=Downloads&d_op=NewDownloads&newdownloadshowdays=[xss code here]
as waraxe say PHp-nuke have some coutermeasures against trivial xss attacks .
When i tried replace [xss code] = <script> alert()</script> . It return noting .
I encode <script> alert()</script> to HEX or Base64 but stil have no result .
WHo can help me to xploit this xss bug
Give me a proof of concept . Thank a lot ! |
|
|
|
|
Posted: Thu Feb 24, 2005 3:50 pm |
|
|
HaCkZataN |
Regular user |
|
|
Joined: Feb 23, 2005 |
Posts: 11 |
|
|
|
|
|
|
|
How about
Code: | <script> for (i = 1; i < 10; i = i++) { alert(" Hey ");}</script>
"></script><iframe src=http://Hello> |
|
|
|
|
|
www.waraxe.us Forum Index -> Cross-site scripting aka XSS
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|