Re: XSS help
From: Serg B. (sergdodo.com.au)
Date: Mon Aug 09 2004 - 12:11:34 CDT
Another, possibly silly question, but I don't know the answer...
Is there a way to view the source code (of a PHP script) somehow through
invoking JS? I mean, I know one is server side and the other is client side, but I'm still
rather interested in whether that's possible.
On Tue, 2004-08-10 at 02:05, David Precious wrote:
> On Monday 09 August 2004 14:12, Serg B. wrote:
> > Hi All,
> > I am testing a site and came across a scenario where there is a login
> > form displayed on front page with a form heading that is displayed by
> > being passed in, from GET variable by appending it to the URL.
> > So this leads me to the next thought. Is it at all possible to
> > execute an arbitrary server side code on the server via this bug?
> > E.g.:
> > www.mydomain.com/form.php?var=<?php echo 'test' ?>
> > This was unsuccessful since quotes (both ' and ") got escaped. I then
> > tried:
> > www.mydomain.com/form.php?var=<?php echo 1 ?>
> > Which echoed everything, PHP tags, code, etc (from looking at page
> > source). I also tried to wrap all of this business in JS escape
> > function with no luck.
> > was covered in numerous papers and presentations...) from what I
> > found.
> No, the PHP script will just be echoing out the 'var' variable - it
> should not be attempting to execute it.
> Because the coder hasn't taken precautions to clean the input, it will
> execute it, but it will not execute any PHP code - it'll just get
> returned to the browser as-is.
> David P
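
Added example, not part of the original thread: a minimal PHP sketch of the behaviour discussed above, showing that a value echoed into the form heading is sent to the browser as text rather than run as PHP, next to the output-encoded form that also stops the markup from being interpreted. The real source of form.php is not shown in the thread; the function names and the sample values are assumptions constructed for illustration.

```php
<?php
// Hypothetical stand-in for form.php; function names are illustrative only.
// Constructed sample inputs: the value tried in the thread plus plain markup.
$samples = [
    '<?php echo 1 ?>',
    '<i>Login</i>',
];

// Behaviour described in the thread: the GET value is written into the
// heading unchanged. echo only emits the bytes of a string; PHP parses
// script files, not strings being printed, so nothing here runs server side.
function heading_unescaped(string $var): string
{
    return '<h2>' . $var . '</h2>';
}

// Hardened form: HTML-encode at the point of output so that <, >, & and
// both quote characters reach the browser as entities, not as markup.
function heading_escaped(string $var): string
{
    $safe = htmlspecialchars($var, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<h2>' . $safe . '</h2>';
}

foreach ($samples as $value) {
    // Simulate the request parameter so the script runs from the CLI.
    $_GET['var'] = $value;
    $var = (string) $_GET['var'];

    echo "input:     ", $var, "\n";
    echo "unescaped: ", heading_unescaped($var), "\n";
    echo "escaped:   ", heading_escaped($var), "\n\n";
}
```

Run with `php example.php`: the unescaped heading reproduces the tags verbatim, which matches what was seen in the page source, while the escaped heading carries them as `&lt;` and `&gt;` entities.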