Topic: "Rankk.org Some xss bugs" (page 1 of 1)

unknown user
Well I was up and about, and came across "rankk.org", a challenge site known to Sheep. So thought I'd post it here.

The PM system from rankk.org fails to live by the golden rule:
INPUT filtering, not output filtering.

some vectors:
1)
When you type some script code into the body of the message like so:
</textare><script>alert(document.cookie);</script>

and an incorrect name, press send, you will get an error page, which will execute the script

2) When you forward a message it doesn't htmlescape, however there are additional filters,
that prohibit the use of <script>
you could however send somebody a lot of messages like
bla;</textarea><b onmouseover=alert(document.cookie)>

and expect that he will forward them to another member. I'm sure you can social engineer somebody into forwarding a message. Other ways of circumventing the filter might also be possible.

----------------------------------------------------------------

I did not test whether or not rankk.org locks sessions to IP, so feel free to yell at me when this is in fact harmless. And just some content injection.

Signing off.
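Added example, not part of the original thread and not rankk.org's code: the forward-form case from the post above, with the message body written into the textarea once verbatim and once HTML-escaped at the point of output, then parsed to show which tags the body contributed. The form template and all function names are assumptions.

```python
import html
from html.parser import HTMLParser

# Message body quoted from the post above (vector 2).
BODY = "bla;</textarea><b onmouseover=alert(document.cookie)>"

def render_unescaped(body: str) -> str:
    """Forward/error form as the post describes it: body copied in verbatim."""
    return f'<form><textarea name="body">{body}</textarea></form>'

def render_escaped(body: str) -> str:
    """Same (assumed) template with the body HTML-escaped when it is output."""
    safe = html.escape(body, quote=True)
    return f'<form><textarea name="body">{safe}</textarea></form>'

class _TagCollector(HTMLParser):
    """Records every start tag and its attribute names as a parser sees them."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, [name for name, _ in attrs]))

def injected_markup(page: str, allowed=("form", "textarea")):
    """Start tags that are not part of the template, i.e. came from the body."""
    parser = _TagCollector()
    parser.feed(page)
    parser.close()
    return [(t, a) for t, a in parser.tags if t not in allowed]

def textarea_value(page: str) -> str:
    """Text the recipient sees in the box: content up to the first close tag."""
    start = page.index(">", page.index("<textarea")) + 1
    return html.unescape(page[start:page.index("</textarea>", start)])

if __name__ == "__main__":
    for render in (render_unescaped, render_escaped):
        page = render(BODY)
        print(render.__name__, injected_markup(page), repr(textarea_value(page)))
```

With escaping at output the body survives intact as text inside the box, so no tag blocklist is involved in the result.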
quangntenemy
Cool rhican I've been trying to exploit it all the time :D
velo
There are many challenges similar to or the same as the ones here, on tbs. I have solved just enough to see what the levels bring, and when I saw a JS similar to BaRa's True Knight, a challenge similar to alien, Gutenberg delirium tremens, special browser etc, I gave up. A lot of sudoku, nonograms... Not much interesting...
quangntenemy
Maybe you should try some applet challs at level 5 and 7 there :P
velo
'll soon... :-Y