
Chatizens.com - XSS with cookie disclosure



Chatizens.com, also known as Chattown.com

Homepage:
http://www.chatizens.com

Affected files:

* Profile input boxes:

All input boxes of your profile.

* Browsing the forums
--------------------------------------------

XSS vuln with cookie disclosure via profile input boxes.

To bypass Chatizens' filter, which adds backslashes to ' and ", we use the long UTF-8 Unicode encoding of '. PoC:



And to display our cookie:



Screenshot:
http://www.youfucktard.com/xsp/chatizen1.jpg
http://www.youfucktard.com/xsp/chatizen2.jpg

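A regression check for the weakness described above, added here as an example (not code from the advisory or from the site): it models the backslash filter and compares it with HTML output encoding. The function names, the template and the sample value are hypothetical, and reading "long UTF-8 Unicode" as a zero-padded numeric character reference is an assumption, since the advisory's PoC is not reproduced on this page.

```python
import html
from html.parser import HTMLParser


def backslash_filter(value):
    # The filter as the advisory describes it: a backslash before ' and ".
    return value.replace("'", "\\'").replace('"', '\\"')


def render_weak(field):
    # Hypothetical template: profile text dropped into the page after the filter.
    return '<div class="about">' + backslash_filter(field) + "</div>"


def render_hardened(field):
    # HTML output encoding: & < > " ' are all emitted as character references,
    # so neither markup nor an encoded quote survives as anything but text.
    return '<div class="about">' + html.escape(field, quote=True) + "</div>"


class TagCollector(HTMLParser):
    """Records every start tag an HTML parser recognises, attributes decoded."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, dict(attrs)))


def injected_tags(render, field):
    # Everything after the template's own <div> came from the profile field.
    parser = TagCollector()
    parser.feed(render(field))
    parser.close()
    return parser.tags[1:]


# Constructed sample: harmless markup whose attribute quotes are written as
# zero-padded numeric character references rather than literal ' characters.
SAMPLE = "<b title=&#0000039;x&#0000039;>hi</b>"

if __name__ == "__main__":
    print("filter changed input:", backslash_filter(SAMPLE) != SAMPLE)
    print("weak     ->", injected_tags(render_weak, SAMPLE))
    print("hardened ->", injected_tags(render_hardened, SAMPLE))
```

The backslash filter never sees a literal quote in the sample, so the parser still finds an extra element with a decoded quote in its attribute; with output encoding the same input stays plain text.
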
---------------------------------------------
Heh, it seems chatizens.com is using a webapp I audited before, Alstrasoft E-Friends.

Screenshot:
http://www.youfucktard.com/xsp/chatizen3.jpg

-------------------------------------------

XSS vuln via viewing forum categories:

http://chatizens.com/friends/index.php?mode=forums&act=viewcat&seid=19">">">'><""><'<"

Screenshot:
http://www.youfucktard.com/xsp/chatizen4.jpg
