Sla.ckers.org
AJAX Via VBScript (Unsure Of Something)
Date: March 18, 2007 06:46AM

The recent article about VBScript has revived my interest in the Internet Explorer-exclusive language, especially when it comes to XSS vulnerabilities. I found yet another hole on a site my friend is head-administrator at, and because the rest of the administrators had claimed to have known about these holes, but have yet to fix them, I figured I'd write a mostly benign worm via VBScript and AJAX. My question is: after I send the data request, do I have to use a function to close the connection (like required using Winsock) if I wish to then connect to another page? It's been some time since I've used VBScript (since 2004), I still remember everything, but I keep getting an error in my script, and since error checking has to be done manually (I don't believe there's anything to highlight your errors like in Visual Studio) I'm at a loss. So am I required to close the object before I reopen a new URL, and is there any accurate way to check for errors (Error display says it's character 6 on line 29, but I don't see


Awesome AnDrEw - That's The Sound Of Your Brain Crackin'
http://www.awesomeandrew.net/

Re: AJAX Via VBScript (Unsure Of Something)
Date: March 18, 2007 06:55AM

where the problem lies)?
Sorry about the post split, but the Wii's trial browser only allows a certain number of characters in each input. Also at what point do I begin counting lines for errors? Do I start at the script tag, after it, do I count blank lines, and does it matter if lines begin to wrap? Normally I'd need no assistance, but I really don't see where the error lies.


Awesome AnDrEw - That's The Sound Of Your Brain Crackin'
http://www.awesomeandrew.net/

Re: AJAX Via VBScript (Unsure Of Something)
Date: March 18, 2007 10:54AM

Never mind my questions. The problem lay in the fact that I had forgotten VBScript doesn't accept variable names after the "Next" statement in a loop, and forgot to encapsulate a portion of the string. My VBS "worm" worked well.


Awesome AnDrEw - That's The Sound Of Your Brain Crackin'
http://www.awesomeandrew.net/

Re: AJAX Via VBScript (Unsure Of Something)
Posted by: Mephisto
Date: March 18, 2007 02:24PM

Do you mind posting a link to the code or exploit? I think XSS vulns using VBScript are generally overlooked, so bringing this out (back out?) to the front would be beneficial.

Re: AJAX Via VBScript (Unsure Of Something)
Date: March 19, 2007 10:40AM

http://www.awesomeandrew.net/index2.php?content=fd/subeta2
I decided to use VBScript on the newest vulnerability I had discovered on my friend's site as RSnake and pdp inadvertently renewed my interest in VBS. I tried to explain the code, but I always find it difficult to explain my work. It wasn't a true self-replicating worm as it required a little interaction, the fact the site limited messages to be sent to only a single user (otherwise it could have spread a lot easier), and that it was specifically meant as an example of what "could be" when site administrators decide to ignore known holes.


Awesome AnDrEw - That's The Sound Of Your Brain Crackin'
http://www.awesomeandrew.net/
