Sla.ckers.org
Q and A for any cross site scripting information. Feel free to ask away. 

Current Page: 1 of 1
Results 1 - 12 of 12
1 year ago
cr101
Filtered as in removed or as in it doesn't complete the request at all? Also, what happens if the last character in your input is a '\'? Does it escape the end quote?
Forum: XSS Info
2 years ago
cr101
What exactly are you doing to try to make the browser send a javascript directive in the referrer?
Forum: XSS Info
2 years ago
cr101
Well I assume that the query being passed to the database is something along the lines of SELECT column FROM table WHERE value= '$YOURINPUT'; What happens if you try to make $YOURINPUT something like x'; SELECT * FROM INFORMATION_SCHEMA.tables;-- So that the final query is: SELECT column FROM table WHERE value= 'x'; SELECT * FROM INFORMATION_SCHEMA.tables;--'; It's pretty rare to f
Forum: SQL and Code Injection
2 years ago
cr101
No chance the server supports multiple queries, I assume?
Forum: SQL and Code Injection
2 years ago
cr101
That should work. If you want to run whatever js from there, converting it to CharCode and then eval()-ing it should let you run anything you want without spaces or slashes. So the final injection would be "><body%09onload="eval(String.fromCharCode(convertedPayload))"> Also, if %09 doesn't work for some odd reason, you could try a newline (%0A).
Forum: SQL and Code Injection
2 years ago
cr101
Sure, I'd like to claim that I'm a "real hacker," (doesn't everyone?) but it seems kind of meaningless if I'm the one making the distinction. Growing up, I was all about figuring out why things worked. I'm still the same way, and if that makes me a hacker, cool. I guess at the end of the day, I don't really care about labels, or even the ideology or near-religion associated with hac
Forum: News and Links
2 years ago
cr101
I can embed an iframe in a website, but I can't point it to anything along the lines of "javascript:alert(1)". Is there a page I can build that can run javascript in the context of the parent document? SOP prevents me from directly accessing things like parent.document. Any ideas?
Forum: XSS Info
2 years ago
cr101
What happens if you add your own backslash before the quote? Does it escape that, too? Try making the request http://www.test.com/audioalbumdetails/58\'+order+by+1;-- And see what happens. It's possible the site is using addslashes() to escape ', ", and \. If that's the case, it's possible that the site is still vulnerable. You can read more about it here: http://shiflett.org/blo
Forum: SQL and Code Injection
2 years ago
cr101
I suppose. It's just disappointing to come into a new field and hear that "its virtue is dead and buried" and "hacking is dead and gone."
Forum: News and Links
2 years ago
cr101
Skyphire Wrote:
-------------------------------------------------------
> Another good reason not to be affiliated with
> "hackers" anymore. This whole thing is getting
> more ridiculous by the second. In case you haven't
> noticed, hacking is pretty much dead for a long,
> long time. These days you will be headline news
> with some stupid SQL/XSS injection and e
Forum: News and Links
2 years ago
cr101
I believe there are still some working vectors. Using "expression" with IE is definitely still an option.
Forum: XSS Info
3 years ago
cr101
Not all SQL databases allow for multiple commands. Instead of ending the current query, I would instead use something along the lines of: a' UNION SELECT level,state FROM userinfo;-- This allows you to see what you want to while still using one statement. EDIT: I misread your original post. Anyway, the first part of my original post remains true: it looks like the SQL DB doesn't accept
Forum: SQL and Code Injection