Pathetic Websites

Gogeta70
^_^
Posts: 3275
Joined: 25 Jun 2005, 16:00

Post by Gogeta70 »

Hey, this thread shall be dedicated to websites with poor coding and a lot of exploits, or even just one pathetic one. Tell us about the exploit you found, so we shall laugh at the maker of the pathetic website.

Here's mine:

A friend of mine said he found a website he was SURE was exploitable, but couldn't put his finger on it. So, I signed up for the website. The website allows you one page on their site where you can fully customize it (kind of like Xanga or MySpace). Now, in their edit area the form reads something like this:

<form action=edityea.php method=post>
Title<br>
<input type=text name="title" size=40><br><br>
Body<br>
<textarea cols=x rows=x name='body'>
</textarea><br>
<input type=submit value="Submit Changes">
<input type=hidden name='user' value="[username in use by user editing their page]">
</form>

Now for any web designers out there, you'd guess that that hidden input area is the most important part of the form, telling the site WHICH page to edit. Well, I made another user and did this:

java:void(document.forms[1].user.value="spareacct");alert(document.forms[1].user.value)

And thus changing the value of the input area. Then, I submitted the data and checked MY yea page (the yea page is your own customizable page).
Then I logged into the spare account and the page was edited... That's one helluva stupid web designer, agree?

By the way people, don't give the website's URL, I don't want anyone to break the rules.
¯\_(ツ)_/¯ It works on my machine...
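
The flaw described in the post above is that the server chooses which page to edit from the hidden user field. The following is an added example, not code from the original post or from the site it describes, contrasting that handler with one that takes the owner from the session; the function names, the session key `username`, the account name `mainacct` and the in-memory page store are assumptions.

```php
<?php
// Constructed in-memory page store standing in for the site's database.
function fresh_pages(): array
{
    return [
        'mainacct'  => ['title' => 'Main',  'body' => 'original'],
        'spareacct' => ['title' => 'Spare', 'body' => 'original'],
    ];
}

// Pattern described in the post: the page to edit is chosen by the hidden
// "user" field, which is client-controlled like every other form value.
function edit_page_vulnerable(array &$pages, array $session, array $post): string
{
    $target = $post['user'] ?? '';
    if (!isset($pages[$target])) {
        return 'no such page';
    }
    $pages[$target] = ['title' => $post['title'] ?? '', 'body' => $post['body'] ?? ''];
    return "edited $target";
}

// Hardened: the owner comes only from server-side session state. A posted
// "user" value that disagrees with the session is rejected and logged.
function edit_page_hardened(array &$pages, array $session, array $post): string
{
    $owner = $session['username'] ?? null;
    if ($owner === null || !isset($pages[$owner])) {
        return 'not logged in';
    }
    if (isset($post['user']) && $post['user'] !== $owner) {
        // json_encode keeps control characters out of the log line.
        error_log('edit rejected: session=' . json_encode($owner)
            . ' posted user=' . json_encode($post['user']));
        return 'rejected';
    }
    $pages[$owner] = ['title' => $post['title'] ?? '', 'body' => $post['body'] ?? ''];
    return "edited $owner";
}

// Constructed request: logged in as mainacct, form field names spareacct.
$session = ['username' => 'mainacct'];
$post    = ['user' => 'spareacct', 'title' => 'changed', 'body' => 'changed'];

$a = fresh_pages();
echo 'vulnerable: ', edit_page_vulnerable($a, $session, $post), "\n";
$b = fresh_pages();
echo 'hardened:   ', edit_page_hardened($b, $session, $post), "\n";
echo 'spareacct body after hardened handler: ', $b['spareacct']['body'], "\n";
```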

Nerdz
The Architect
Posts: 1127
Joined: 15 Jun 2005, 16:00
Location: #db_error in: select usr.location from sucko_member where usr.id=63;

Post by Nerdz »

Well, I don't have an example in mind but... how many times have I seen websites that give you some nice juicy error msg... :( To all webadmins in here: PLZ DON'T GIVE SO MUCH STEAK AROUND THE BONES!
There, I have put a ' into a search field...

Le message : DB Error: syntax error
Erreur détaillé : SELECT distinct s.id_data, s.fichier, s.titre, s.date_unix FROM stack s, keyword k, article_data a WHERE s.id_data = k.id_data AND s.id_data = a.id AND a.quotidien_id = 81 AND s.approved='1' AND k.keyword like '%'%' AND s.date_unix >= 1143522000 AND s.date_unix <= 1146196799 order by s.date_unix desc LIMIT 0, 20 [nativecode=1064 ** You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '' AND s.date_unix >= 1143522000 AND s.date_unix <= 1146196799 o]
Give a man a fish, you feed him for one day.
Learn a man to fish, you feed him for life.

LaBlueGirl
Suckopithicus chickasaurus
Posts: 513
Joined: 22 Mar 2006, 17:00
Location: Brussel

Not sure if this counts but:

Post by LaBlueGirl »

"Hey, Crash!
Ever tried walking with no legs?

It's real slow!"
~Crunch, Crash Bandicoot TTR
