Jump to content

Script Manipulation?


sirBAMF
 Share

Recommended Posts

Can you manipulate a script using javascript injection the same way you alter a form?

This is the code:

<script language="JavaScript" type="text/JavaScript">

<!--

function MM_goToURL() {

var i, args=MM_goToURL.arguments; document.MM_returnValue = false;

for (i=0; i<(args.length-1); i+=2) eval(args+".location='"+args[i+1]+"'");

}

function init() {

document.frm1.USERID_VC.focus();

}

window.onload = init;

//-->

</script>

Question 2: Can you change this to give you the password or gain access? I know the username.

Link to comment
Share on other sites

Can you manipulate a script using javascript injection the same way you alter a form?

This is the code:

<script language="JavaScript" type="text/JavaScript">

<!--

function MM_goToURL() {

var i, args=MM_goToURL.arguments; document.MM_returnValue = false;

for (i=0; i<(args.length-1); i+=2) eval(args+".location='"+args[i+1]+"'");

}

function init() {

document.frm1.USERID_VC.focus();

}

window.onload = init;

//-->

</script>

Question 2: Can you change this to give you the password or gain access? I know the username.

What password?

Link to comment
Share on other sites

That depends on what is going on server side. If its hitting PHP and an Sql database, you would need to know what version of SQL they are running and then find an appropriate method/sploit to retreive it from the database. More info on the target system and underlying scripts would be needed, like XML-http requests, Ajax,etc, but most things like this aren't impossible, just require the knowledge of how to break it if you know your target system.

If its sending it as a GET request and you see the info in your URL after an attempt to login, you can at least see what it looks like when its submitting the info. (Alternatively on some sites you could edit a form to change it from a POST to GET request and see what is going on to give you further details as to the format of the forms submitted info.)

The Javascript you posted looks like it is already in a GET method since it looks like it appends it to the URL of the site. Without seeing where this came from, I'm going to guess its on a site using asp or aspx, like a windows IIS server of some sort, so chances are they are using msSQL somewhere and might be exploitable to some extent.

If you see the info in the URL, you can try appending things to get it to spit out other data. Google for more help...

Link to comment
Share on other sites

I told myself that I would never use cain, but i broke down and downloaded it last night and it does a great job at sniffing POST passwords and what not. But a MITM attack should get you all the information that you need.

What exactly is the situation, i.e. a residents, coffee shop, school? Then we might be able to give you an way to set up the attack.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...