WebApp Sec mailing list archives
Re: XSS help
From: Dan Daggett <ddaggett () gmail com>
Date: Mon, 9 Aug 2004 08:57:04 -0600
On Mon, 09 Aug 2004 23:12:34 +1000, Serg B. <serg () dodo com au> wrote:
So the question is how I could run PHP (not JavaScript, since that was covered in numerous papers and presentations...) from what I found.
Well, unless the contents of the var variable are being saved to a file and then included into the PHP script, I don't see how you can:

    // Only this pattern would execute user-supplied PHP: the value is
    // written to a file that the script then includes.
    $handle = fopen("/path/to/include/file", "w");
    fputs($handle, $_GET['var']);
    fclose($handle);
    include("/path/to/include/file");

The problem is that it is being read in via a variable in PHP, so everything within that variable is just printed as is, i.e.:

    echo $_GET['var'];

So basically whatever you pass through the URL is being quoted and placed in a string variable.

Dan Daggett
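As an added example that is not part of Dan's reply or the original thread, the two code paths he contrasts are shown here in defensive form: reflecting the parameter as text with output encoding (PHP never parses it, so the remaining risk is XSS), and replacing the write-then-include pattern with a fixed allowlist. The parameter name var comes from the thread; the file paths and allowlist keys are assumptions.

```php
<?php
// Added example, not code from the mailing-list thread.
// Assumptions: request parameter 'var' (from the thread); the include paths
// and allowlist keys below are made up for illustration.
declare(strict_types=1);

// Path 1: the value is only ever output as text. PHP does not parse it, so a
// '<?php ... ?>' payload is emitted verbatim. HTML-encoding the value removes
// the reflected-XSS risk that remains.
function render_var(string $value): string
{
    return '<p>' . htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8') . '</p>';
}

// Path 2: the thread's file-write-then-include pattern executes whatever the
// client sent. Never include user-controlled content; map the request
// parameter to a fixed set of files the application owns instead.
const INCLUDE_ALLOWLIST = [
    'home'    => '/path/to/include/home.php',    // assumed path
    'contact' => '/path/to/include/contact.php', // assumed path
];

function include_from_allowlist(string $key): bool
{
    if (!array_key_exists($key, INCLUDE_ALLOWLIST)) {
        return false; // unknown key: include nothing
    }
    include INCLUDE_ALLOWLIST[$key];
    return true;
}

// Constructed input for demonstration; on the CLI $_GET is empty so the
// fallback string is used. The PHP tags come out as encoded text, not code.
$var = $_GET['var'] ?? '<?php echo "not executed"; ?><b>bold</b>';
echo render_var($var), PHP_EOL;

// Same parameter driving an include must go through the allowlist.
$page = $_GET['page'] ?? 'home';
if (!include_from_allowlist($page)) {
    echo 'No such page', PHP_EOL;
}
```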