Nmap Development mailing list archives
Re: http-phpself-xss
From: "Hans Nilsson" <hasse_gg () ftml net>
Date: Mon, 30 May 2011 02:07:20 -1100
What about when only certain variables are vulnerable? For example example.com/test.php?<script>alert(1)</script> may not work when example.com/test.php?data=<script>alert(1)</script> works. Or what about if only POST-data is vulnerable? /Hans On Sun, 29 May 2011 03:04 -0700, "Paulino Calderon" <paulino () calderonpale com> wrote:
Hi everyone, I'm attaching my script 'http-phpself-xss', this script detects php files vulnerable to Phpself Cross Site Scripting(*) in a web server. First, the script crawls the webserver to list all php files and then it sends an attack probe to identify all vulnerable scripts. Feel free to test this script against my dummy app -> http://calder0n.com/sillyapp/ (*) Phpself Cross Site Scripting vulnerabilities refers to cross site scripting vulnerabilities caused by the lack of sanitation of the variable $_SERVER["PHP_SELF"] in PHP scripts/web applications. Cheers. -- Paulino Calderón Pale Web: http://calderonpale.com Twitter: @paulinocaIderon _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/ Email had 1 attachment: + http-phpself-xss.nse 12k (text/plain)
-- Hans Nilsson hasse_gg () ftml net -- http://www.fastmail.fm - A no graphics, no pop-ups email service _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- http-phpself-xss Paulino Calderon (May 29)
- Re: http-phpself-xss Hans Nilsson (May 30)
- Re: http-phpself-xss Abuse007 (May 30)
- <Possible follow-ups>
- Re: http-phpself-xss Paulino Calderon (May 30)
- Re: http-phpself-xss Hans Nilsson (May 30)