Hi
What is the best programming language over the world?
I want to learn but I don't know what I will chose !
Tell me.
The best programming language - Power
Hi
What is the best programming language over the world?
I want to learn but I don't know what I will chose !
Tell me.
Programming languages are each for different purposes. No one language is better than all the others.Originally Posted by deleteX
Hi
What is the best programming language over the world?
I want to learn but I don't know what I will chose !
Tell me.
- For web scripting, we have XHTML, CSS, Javascript, PHP, Perl, ASP, and many more.
- For computer programming, we have C, C++, Java, VB, C#, Perl, Python, and many more.
If you want to learn about websites, try learning XHTML, CSS, and Javascript first before moving on to something like PHP.
If you want to learn about programming, try either C or C++ first; if you have problems with that start with an easier language like Python.
Mike, you know anything about stealing SESSION IDs?
Why would you want to do that?
In order to gain access to someones account?
Im referring to a game I play called Bootleggers.
Its online and textbased. I have made a profile hack once. I coded PHP and obtained SESSION Ids by people viewing my *00x*00 banner. I simply used a cookie editor ( firefox extension ) to add the SESSION.
Well, you would use a flaw such as cross site scripting to steal cookie data. XSS holes are common - there's one in the site you're looking at now.
I'm gonna hope this is it.
<img src="javascript:alert("This?")">
Guess not, maybe...
<img src=javascript:alert("This?")>
Hmm... no....
<img src="javascript:alert('This?')">
Gah, last try, pleaseohplease work...
<img src=alert("Hello")>
-----------------------------------------------
Nvm, theses guys are smart, they change the output to the webpage so it looks like this
I guess the filter replaces my <,>," with the HTML character entity value. I've seen some forums that don't do this, therefore are vulnerable to injection. They would see the alert come up.<!-- message -->
<div id="post_message_*4725">I'm gonna hope this is it.<br />
<br />
<img src="javascript<b></b>:alert("This?"
<br />
Guess not, maybe...<br />
<br />
<img src=javascript<b></b>:alert("This?"
<br />
Hmm... no....<br />
<br />
<img src="javascript<b></b>:alert('This?')"><br />
<br />
Gah, last try, pleaseohplease work...<br />
<br />
<img src=alert("Hello"
<!-- / message -->
Last edited by Moonbat; 11-05-2006 at 09:56 PM.
I will try to post the profile hack I have scripted as soon as possible.
As for Session ID I was referring to the *2 digits cookie such as:
edb0e8665db4e*042fe0*76a8*aade*6
Basically what I did was find a free webhost, upload 4 files, namely; cookies.txt
js.php, js.js.
In my profile I posted a link to my webhost. Whenever someone viewed my profile his/her Session ID was shown on my webhost. I simply copied this Session ID into the Anec Cookie editor...
I submitted;
Name: PHPSESSID
Path: [url]www.bootleggers.us[/url]
And the Session ID
I opened Mozilla Firefox and browsed for [url]www.bootleggers.us/news.php[/url].
Last edited by LapraS; 11-06-2006 at 05:45 AM.
No, the bug is in the top right search box for the actual site. If you enter this into it, you get the popup:
</title></head><body><script type="text/javascript">alert("XSS");</script>
As for bugs in widely used forum scripts; they're rare. In forums like vBulletin, they're non-existent (most of the the time).
Javascript + Advanced html Ftw.
Also C Is ok.
Posting Permissions
Reply With Quote