Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

XSS

Posted on 2009-04-02
1
Medium Priority
?
216 Views
Last Modified: 2012-05-06
Dear all,

I click this link by mistake,

What does this link do? It didn't opened a page or and alert
Does it harmful?

http://www.phpnuke.org/user.php?op=userinfo&uname=<script>alert(document.cookie);</script>
0
Comment
Question by:Braveheartli
1 Comment
 
LVL 6

Accepted Solution

by:
mosidiot earned 2000 total points
ID: 24048649
Nope... Not at all..

First of all, phpnuke is a official clean domain for php addon portal download and stuff, it wouldn't contain anything harmful..

Secondly, <script>alert(document.cookie);</script> doesn't do any harm and even it contain malicious script e.g. the cookie content is something like:
);</script><script>do something bad here;alert("again"

at most the whole thing will look like:

<script>alert();</script><script>do something bad here;alert("again");</script>

But don't forget cookie are only allowed to store a maximum of 3kb of data, that include it's own preset data and etc. I don't believe how harmful can a hundred line of code can do to your computer...

As long as it doesn't prompt you to download and open any file, you should be quite safe...
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface This is the third article about the EE Collaborative Login Project. A Better Website Login System (http://www.experts-exchange.com/A_2902.html) introduces the Login System and shows how to implement a login page. The EE Collaborative Logi…
Have you tried to learn about Unicode, UTF-8, and multibyte text encoding and all the articles are just too "academic" or too technical? This article aims to make the whole topic easy for just about anyone to understand.
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
Suggested Courses

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question