Results 1 to 7 of 7
  1. #1
    robater's Avatar
    Join Date
    Dec 2011
    Gender
    male
    Location
    å͒ͩͥͬ̽̌͌͋̾̅́̎͂̋̿&#8
    Posts
    579
    Reputation
    26
    Thanks
    298

    Need help exploiting a website

    So I found a vulnerability on a website that if I found an exploit to would be gg no re. I was wondering if anyone was experienced with scripting and would tell me whats my next step. If I try to do anything with <script> or any evasion shit from here it just shows a blank page and no alert shit.

    Basically I can run all html except for a few like iframe. If anyone has any ideas to exploit this let me know by replying

    This is what I have so far:


    This is what I did to get this:

    Code:
    https://website.com/kek/kek/kek.do?key=<img%20src="https://i2.kym-cdn.com/photos/images/newsfeed/000/960/777/2b7.jpg"%20alt="Mountain%20View"%20style="width:304px;height:228px;">%20<br>%20<h1>dank%20memes%20cant%20melt%20steel%20beams</h1>
    Last edited by robater; 10-09-2015 at 12:21 PM.
    Things I sell:
    1. Steam Games with over 88% discount
    2. Mathway Lifetime Accounts for $7 USD

    Mathway covers: Basic Math, Pre-Algebra, Algebra, Geometry, Trigonometry, Precalculus, Calculus, Statistics, Finite Math, Linear Algebra, and Chemistry.

    Successful Trades: 100+
    Attempted Scams against me: 1

    My current skype: r,i,p,e,r,o,n,i
    Backup skype (incase I get banned again): memes,

  2. #2
    Dave's Ballsack Rag Dumfuck's Avatar
    Join Date
    May 2014
    Gender
    male
    Location
    Somewhere
    Posts
    3,592
    Reputation
    2317
    Thanks
    1,626
    My Mood
    Sleepy
    I would actually post this in the general hacking section
    MPGH Member Level 1 May 2014
    MPGH Donator May 2015
    MPGH Premium Member December 2015
    MPGH News Force Interviewer July 2016 - October 2017
    MPGH Member Level 2 August 2016
    MPGH Premium Seller March 2017
    MPGH Dave's Ballsack Rag - Unknown
    MPGH Realm of the Mad God Minion - December 2017

  3. The Following User Says Thank You to Dave's Ballsack Rag Dumfuck For This Useful Post:

    Plague (10-09-2015)

  4. #3
    Gill Bates's Avatar
    Join Date
    Jun 2012
    Gender
    male
    Location
    /online
    Posts
    1,063
    Reputation
    156
    Thanks
    215
    My Mood
    Happy
    Quote Originally Posted by robater View Post
    So I found a vulnerability on a website that if I found an exploit to would be gg no re. I was wondering if anyone was experienced with scripting and would tell me whats my next step. If I try to do anything with <script> or any evasion shit from here it just shows a blank page and no alert shit.

    Basically I can run all html except for a few like iframe. If anyone has any ideas to exploit this let me know by replying

    This is what I have so far:


    This is what I did to get this:

    Code:
    https://website.com/kek/kek/kek.do?key=<img%20src="https://i2.kym-cdn.com/photos/images/newsfeed/000/960/777/2b7.jpg"%20alt="Mountain%20View"%20style="width:304px;height:228px;">%20<br>%20<h1>dank%20memes%20cant%20melt%20steel%20beams</h1>
    Download Low Orbit Ion Cannon, in the payload message type "Get AdminCP Password [insert website here]" (this will get the Admin's password to hack the site)
    Put it on maximum settings for maximum effect and DO NOT use a VPN, just use your normal IP.
    Once launched, you will be able to take over the website completely, since you will have the password.

  5. #4
    Schuba's Avatar
    Join Date
    Nov 2012
    Gender
    male
    Location
    Music
    Posts
    3,550
    Reputation
    488
    Thanks
    848
    Quote Originally Posted by Gilly Bates View Post
    Download Low Orbit Ion Cannon, in the payload message type "Get AdminCP Password [insert website here]" (this will get the Admin's password to hack the site)
    Put it on maximum settings for maximum effect and DO NOT use a VPN, just use your normal IP.
    Once launched, you will be able to take over the website completely, since you will have the password.
    Sorry if I'm ruining your well thought out joke here (because I didn't get it )
    Isn't LOIC a piece of shit? o;
    Quote Originally Posted by Hova View Post
    When schuba speaks, people listen



     

     
    Joined: November 27th, 2012
    Donator: September 24th, 2014
    News Force: October 17th, 2015 - Current
    News Force Editor: February 4th, 2017 - April, 2017

     


  6. #5
    robater's Avatar
    Join Date
    Dec 2011
    Gender
    male
    Location
    å͒ͩͥͬ̽̌͌͋̾̅́̎͂̋̿&#8
    Posts
    579
    Reputation
    26
    Thanks
    298
    Quote Originally Posted by Gilly Bates View Post
    Download Low Orbit Ion Cannon, in the payload message type "Get AdminCP Password [insert website here]" (this will get the Admin's password to hack the site)
    Put it on maximum settings for maximum effect and DO NOT use a VPN, just use your normal IP.
    Once launched, you will be able to take over the website completely, since you will have the password.
    instructions unclear and got a swat team at my house
    (ot: any serious ideas?)

    - - - Updated - - -

    Quote Originally Posted by Schuba View Post


    Sorry if I'm ruining your well thought out joke here (because I didn't get it )
    Isn't LOIC a piece of shit? o;
    He was joking lol
    Things I sell:
    1. Steam Games with over 88% discount
    2. Mathway Lifetime Accounts for $7 USD

    Mathway covers: Basic Math, Pre-Algebra, Algebra, Geometry, Trigonometry, Precalculus, Calculus, Statistics, Finite Math, Linear Algebra, and Chemistry.

    Successful Trades: 100+
    Attempted Scams against me: 1

    My current skype: r,i,p,e,r,o,n,i
    Backup skype (incase I get banned again): memes,

  7. #6
    Schuba's Avatar
    Join Date
    Nov 2012
    Gender
    male
    Location
    Music
    Posts
    3,550
    Reputation
    488
    Thanks
    848
    Quote Originally Posted by robater View Post
    He was joking lol
    Okay cool, I thought so but I was having a moment.
    Quote Originally Posted by Hova View Post
    When schuba speaks, people listen



     

     
    Joined: November 27th, 2012
    Donator: September 24th, 2014
    News Force: October 17th, 2015 - Current
    News Force Editor: February 4th, 2017 - April, 2017

     


  8. #7
    Gill Bates's Avatar
    Join Date
    Jun 2012
    Gender
    male
    Location
    /online
    Posts
    1,063
    Reputation
    156
    Thanks
    215
    My Mood
    Happy
    Quote Originally Posted by robater View Post
    instructions unclear and got a swat team at my house
    (ot: any serious ideas?)

    - - - Updated - - -



    He was joking lol
    Try to look for online tutorials: Youtube, Google, Pen Testing forums, etc.

Similar Threads

  1. [Help Request] Yet Again Need Help With An Exploit
    By pasquam076 in forum Garry's Mod Coding & Resources
    Replies: 11
    Last Post: 12-23-2014, 09:19 AM
  2. Need help making a website.
    By sebacod3 in forum General
    Replies: 5
    Last Post: 01-02-2014, 04:58 PM
  3. [Help Request] Need help @Login due to No WEbsite Login
    By n0obl0ser in forum Vindictus Help
    Replies: 3
    Last Post: 12-16-2012, 04:26 PM
  4. I need some help finding a website
    By andier in forum CrossFire Help
    Replies: 6
    Last Post: 08-05-2010, 06:02 PM
  5. Building website, NEED HELP !!
    By Dec0r87930 in forum Suggestions, Requests & Help
    Replies: 13
    Last Post: 02-27-2008, 11:36 PM