From: lok lok (itslok@hotmail.com)
Date: Sun Apr 07 2002 - 20:21:04 EDT
well, i contacted infopop with this but they haven't fixed it yet..
the prob is that IE will convert "(" or "(" (without the semi-colon)
to "("...
this allows you to do pretty much anything you like on any ubb (probably any
bulletin board) you like..
the way i use it is:
[url=null"onMouseDown="alert(document.cookie);"]click[/url]
the event onMouseDown isn't banned, neither is OnFocus, onMouseOut, and many
many others that i haven' bothered looking up.
so you can steal the cookie, etc, etc, whatever you like.
So far infopop have just said they are fixing it yet infopop.com is STILL
vulnerable at the time of writing this.
it doesn't however work on 6.2 in IMG TAGS, this is because any image with a
" in it will be spaced out..
why they haven't done this in the URL tags is beyond me...,
and for fun and games you can play around with the "style='beep:blah';" all
you like as well...
_________________________________________________________________
Chat with friends online, try MSN Messenger: http://messenger.msn.com
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:28:03 EDT