Guest PoorStudentPleaseDonate Posted June 4, 2014 Report Posted June 4, 2014 (edited) Site:XSS CHALLENGEParametru vulnerabil(GET):aProof:Imi trimiteti syntaxa pe PM.Solvers:1 @Ganav Edited June 5, 2014 by PoorStudentPleaseDonate Quote
Active Members dancezar Posted June 4, 2014 Active Members Report Posted June 4, 2014 (edited) http://s17.postimg.org/8xp6ui8ym/image.jpgGG//Adica eu nu am executat un alert adevarat? Edited June 4, 2014 by danyweb09 Quote
Goke Posted June 4, 2014 Report Posted June 4, 2014 (edited) Ti-am dat primul PMpune si solverii Edited June 4, 2014 by Goke Quote
Guest PoorStudentPleaseDonate Posted June 4, 2014 Report Posted June 4, 2014 @florin_darck, la fel, o fi de la vbulletin, nu stiu. Quote
.Breacker Posted June 4, 2014 Report Posted June 4, 2014 Rezolva cu gazduirea site-ului,nu mai functioneaza. 1 Quote
Guest PoorStudentPleaseDonate Posted June 4, 2014 Report Posted June 4, 2014 Rezolva cu gazduirea site-ului,nu mai functioneaza.Mie imi merge perfect. Quote
aelius Posted June 5, 2014 Report Posted June 5, 2014 Acum da si el un "grep alert access.log" si isi face o lista de vectori utilizati pentru calea catre glorie si hacking )) NOT. Quote
valcea55 Posted June 5, 2014 Report Posted June 5, 2014 ii dau eu o lista de 2000 vectori daca chiar vrea:)) Quote
Guest PoorStudentPleaseDonate Posted June 5, 2014 Report Posted June 5, 2014 Bravo, v-am adaugt. @aelius, stai linistit ca nu-mi trebuie mie vectori ) si chiar daca-mi trebuiau, cand termina challu imi trimit vectorii pe pm Quote
Ganav Posted June 5, 2014 Report Posted June 5, 2014 (edited) Nu pot face prt sc de pe backtrack. Ti-am trimis solutia prin pm. Incercand diversi vectori am gasit unul care nu apare "pe site-urile de specialitate": window[String.fromCharCode(97,108,101,114,116)](1) Cu window putem apela orice metoda dupa nume sub forma:window["nume_metoda"](1)iar cu String.fromCharCode() cream acest nume pornind de la valoarea ASCII a caracterelor din care este compus.P.S. Nu merge pentru acest challenge insa ruleaza pe localhost. Edited June 5, 2014 by Ganav Quote
Active Members dancezar Posted June 5, 2014 Active Members Report Posted June 5, 2014 (edited) Nu pot face prt sc de pe backtrack. Ti-am trimis solutia prin pm. Incercand diversi vectori am gasit unul care nu apare "pe site-urile de specialitate": window[String.fromCharCode(97,108,101,114,116)](1) Cu window putem apela orice metoda dupa nume sub forma:window["nume_metoda"](1)P.S. Nu merge pentru acest challenge insa ruleaza pe localhost.// Edited June 5, 2014 by danyweb09 Quote
