Solved

XSS

Posted on 2009-04-02
1
204 Views
Last Modified: 2012-05-06
Dear all,

I click this link by mistake,

What does this link do? It didn't opened a page or and alert
Does it harmful?

http://www.phpnuke.org/user.php?op=userinfo&uname=<script>alert(document.cookie);</script>
0
Comment
Question by:Braveheartli
1 Comment
 
LVL 6

Accepted Solution

by:
mosidiot earned 500 total points
ID: 24048649
Nope... Not at all..

First of all, phpnuke is a official clean domain for php addon portal download and stuff, it wouldn't contain anything harmful..

Secondly, <script>alert(document.cookie);</script> doesn't do any harm and even it contain malicious script e.g. the cookie content is something like:
);</script><script>do something bad here;alert("again"

at most the whole thing will look like:

<script>alert();</script><script>do something bad here;alert("again");</script>

But don't forget cookie are only allowed to store a maximum of 3kb of data, that include it's own preset data and etc. I don't believe how harmful can a hundred line of code can do to your computer...

As long as it doesn't prompt you to download and open any file, you should be quite safe...
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

What is Node.js? Node.js is a server side scripting language much like PHP or ASP but is used to implement the complete package of HTTP webserver and application framework. The difference is that Node.js’s execution engine is asynchronous and event…
I found this questions asking how to do this in many different forums, so I will describe here how to implement a solution using PHP and AJAX. The logical flow for the problem should be: Write an event handler for the first drop down box to get …
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question