Mar 5th, 2013
# Exploit Title: IP Board - Persistent Cross Site Scripting Vulnerability
# Date: December 2012
# Exploit Author: Wuming tgh
# Vendor Homepage: https://www.invisionpower.com
# Software Link: https://www.invisionpower.com
# Version: Affecting all versions below 3.4.2 (Fixed)
# Tested on: Linux, Windows 7

http://i.imgur.com/QzD0KhGl.png
http://i.imgur.com/WEOxuixl.png

1) Go to My Settings to edit the user's profile
localhost/index.php?app=core&module=usercp&tab=core
2) Find the "Profile Information" input field. (textarea)
3) XSS Vector:
</textarea><script> your script </script>
4) There are 2 pages where the JavaScript will be executed. One is the current user's profile. (It will only show when you click "edit profile".)
The other is in the admin panel. When an admin views your profile via the admin panel, the JavaScript will also be executed.

Simple Scenario:
You might think that it is pretty hard to steal cookies or do anything with it, since someone will need to view your profile. However, it's pretty simple. Create an account. Start spamming the forum or do something against the rules. The admin will want to ban you. Hence, he views your profile. Done.
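
Why the vector in step 3 works, and the output-encoding fix for it, as an added example that is not part of the original paste and is not IP.Board code: the stored value is echoed raw inside a textarea, so a closing tag in the value ends the element early. The render functions and the field name profile_info are hypothetical.

```python
import html
from html.parser import HTMLParser

# Constructed sample: the vector string as written in the paste (placeholder script body).
SAMPLE_VALUE = "</textarea><script> your script </script>"


def render_unsafe(value: str) -> str:
    """Hypothetical edit-profile template that echoes the stored value raw."""
    return '<textarea name="profile_info">' + value + "</textarea>"


def render_safe(value: str) -> str:
    """Same template, with the value HTML-escaped at output time."""
    return '<textarea name="profile_info">' + html.escape(value, quote=True) + "</textarea>"


class _TagCollector(HTMLParser):
    """Records every start tag the HTML parser recognises in the markup."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def start_tags(markup: str) -> list:
    collector = _TagCollector()
    collector.feed(markup)
    collector.close()
    return collector.tags


def stays_inside_textarea(markup: str) -> bool:
    """True when the rendered field parses to the single textarea and nothing else."""
    return start_tags(markup) == ["textarea"]


if __name__ == "__main__":
    for name, render in (("unsafe", render_unsafe), ("safe", render_safe)):
        out = render(SAMPLE_VALUE)
        print(f"{name}: contained={stays_inside_textarea(out)} tags={start_tags(out)}")
        print("  " + out)
```

The same escaping has to be applied on every page that renders the field, which here means both the user's edit-profile view and the admin panel view named in step 4.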