Solved

XSS

Posted on 2009-04-02
1
198 Views
Last Modified: 2012-05-06
Dear all,

I click this link by mistake,

What does this link do? It didn't opened a page or and alert
Does it harmful?

http://www.phpnuke.org/user.php?op=userinfo&uname=<script>alert(document.cookie);</script>
0
Comment
Question by:Braveheartli
1 Comment
 
LVL 6

Accepted Solution

by:
mosidiot earned 500 total points
ID: 24048649
Nope... Not at all..

First of all, phpnuke is a official clean domain for php addon portal download and stuff, it wouldn't contain anything harmful..

Secondly, <script>alert(document.cookie);</script> doesn't do any harm and even it contain malicious script e.g. the cookie content is something like:
);</script><script>do something bad here;alert("again"

at most the whole thing will look like:

<script>alert();</script><script>do something bad here;alert("again");</script>

But don't forget cookie are only allowed to store a maximum of 3kb of data, that include it's own preset data and etc. I don't believe how harmful can a hundred line of code can do to your computer...

As long as it doesn't prompt you to download and open any file, you should be quite safe...
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

I will show you how to create a ASP.NET Captcha control without using any HTTP HANDELRS or what so ever. you can easily plug it into your web pages. For Example a = 2 + 3 (where 2 and 3 are 2 random numbers) Session("Answer") = 5 then we…
JavaScript has plenty of pieces of code people often just copy/paste from somewhere but never quite fully understand. Self-Executing functions are just one good example that I'll try to demystify here.
The viewer will learn the benefit of using external CSS files and the relationship between class and ID selectors. Create your external css file by saving it as style.css then set up your style tags: (CODE) Reference the nav tag and set your prop…
The viewer will the learn the benefit of plain text editors and code an HTML5 based template for use in further tutorials.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now