#Home
|
#Search
|
#IRC(
WEB
/
Client
)
|
#MD5 Cracker
|
#Categories
|
#Links
|
#About
XFS - Cross site scripting(XSS) From SQL Injection
Article title : Cross site scripting(XSS) From SQL Injection Author : Pr0T3cT10n <pr0t3ct10n@gmail.com> Site : http://www.nullbyte.org.il -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= [*] Table of Contents: [*] 1 - Presentation. [*] 2 - Explanation. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= [*] 1 - Presentation: [^] What is XFS? [*] XFS(XSS FROM SQL) means that we can execute js code from sql injection vulnerability through the function char(). The function char() is designed to convert ASCII code to char. Thats why we use this function, for execute js code. [^] What we need? [*] SQL Injection. [*] String 2 ASCII converter. [*] The function char. [*] 2 - Explanation: [^] OK, so..first of all. we need ascii converter. online convertor: http://www.easycalculation.com/ascii-hex.php The function char used to return output data. it means that if we will encode n then put it inside the function So the function char() will execute the code. note, you must not have any space on your js code otherwise it will not executed. For example: http://www.example.com/index.php?id=1+union+all+select+1,2,3,4,char(ASCII_CODE),5-- So, if you want to steal cookies, you will need to encode your js code then put it instead ASCII_CODE then send it to your victim. This attack is useful, at least for me..I used it several times and it works fine for me. /Pr0T3cT10n
Back
Send all submissions to nullbyte.israel[at]gmail.com
Copyright © 2009 - 2010 | Queries: 4
