Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Q and A for any cross site scripting information. Feel free to ask away. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Need a little help with my problem
Posted by: amlewn
Date: October 19, 2009 07:09AM

Hello guys,

I'm looking to build a good xss exploit for the following:

Basically it comes down to this:
<input type="text" name="ap" value="POSTED_VALUE" maxlength="80">

I can use: "onmouseover="alert(0); to get the alert, however I want to load an external JS file (call it j.js for the convenience).

The '<' and '>' are converted to their htmlentities and I'm also restricted to use no more than 75 characters.

Has anybody got a good example of how I could get this to work?

Thanks!

Options: ReplyQuote
Re: Need a little help with my problem
Posted by: amlewn
Date: October 19, 2009 08:25AM

You can forget about the maximum length of characters. That is not of any importance as I'll be recreating the form post. Sorry about that.

Options: ReplyQuote
Re: Need a little help with my problem
Posted by: Gareth Heyes
Date: October 19, 2009 08:29AM

http://sla.ckers.org/forum/search.php?2

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote
Re: Need a little help with my problem
Posted by: sirdarckcat
Date: October 21, 2009 10:07AM

http://www.google.com/

--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat

Options: ReplyQuote


Sorry, only registered users may post in this forum.