⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 cutenews_show_news_xss.nasl

📁 漏洞扫描源码,可以扫描linux,windows,交换机路由器
💻 NASL
字号:
🔍 
## Script by Noam Rathaus## From: "DarkBicho" <darkbicho@fastmail.fm># Subject: Cross-Site Scripting CuteNews# Date: 28.6.2004 03:39if(description){ script_id(12291); script_version("$Revision: 38 $"); script_cve_id("CAN-2004-0660"); script_bugtraq_id(10620, 10750); if (defined_func("script_xref")) {   script_xref(name:"OSVDB", value:"7283");   script_xref(name:"OSVDB", value:"7284");   script_xref(name:"OSVDB", value:"7285");   script_xref(name:"OSVDB", value:"7286"); }  name["english"] = "CuteNews show_news.php XSS"; script_name(english:name["english"]);  desc["english"] = "Synopsis : The remote web server contains several PHP scripts that are prone tocross-site scripting attacks. Description :The installed version of CuteNews is vulnerable to cross-site scriptingattacks.  An attacker may use this bug to steal the credentials oflegitimate users of this site. See also : http://www.securityfocus.com/archive/1/367289Solution : Upgrade to the latest version of this software.Risk factor: Low / CVSS Base Score : 2 (AV:R/AC:L/Au:NR/C:N/A:N/I:P/B:N)"; script_description(english:desc["english"]);  summary["english"] = "Checks for the presence of an XSS bug in CuteNews";  script_summary(english:summary["english"]);  script_category(ACT_ATTACK);  script_copyright(english:"This script is Copyright (C) 2004 Noam Rathaus"); family["english"] = "CGI abuses : XSS"; family["francais"] = "Abus de CGI"; script_family(english:family["english"], francais:family["francais"]); script_dependencie("cutenews_detect.nasl", "cross_site_scripting.nasl"); script_require_ports("Services/www", 80); exit(0);}## The script code starts here#include("http_func.inc");include("http_keepalive.inc");port = get_http_port(default:80);if(!get_port_state(port))exit(0);if(!can_host_php(port:port))exit(0);if (  get_kb_item(string("www/", port, "/generic_xss")) ) exit(0);# Test an install.install = get_kb_item(string("www/", port, "/cutenews"));if (isnull(install)) exit(0);matches = eregmatch(string:install, pattern:"^(.+) under (/.*)$");if (!isnull(matches)) { loc = matches[2]; req = http_get(item:string(loc, "/show_news.php?subaction=showcomments&id=%3Cscript%3Efoo%3C/script%3E&archive=&start_from=&ucat="), 		port:port); r = http_keepalive_send_recv(port:port, data:req, bodyonly:1); if( r == NULL )exit(0); if("<script>foo</script>" >< r) { 	security_note(port);	exit(0); }}

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -