Hi :)
What is the best programming language over the world?
I want to learn but I don't know what I will chose !
Tell me. ;)
Printable View
Hi :)
What is the best programming language over the world?
I want to learn but I don't know what I will chose !
Tell me. ;)
[QUOTE=deleteX]Hi :)
What is the best programming language over the world?
I want to learn but I don't know what I will chose !
Tell me. ;)[/QUOTE]
Programming languages are each for different purposes. No one language is better than all the others.
[LIST][*]For web scripting, we have XHTML, CSS, Javascript, PHP, Perl, ASP, and many more.
[*]For computer programming, we have C, C++, Java, VB, C#, Perl, Python, and many more.[/LIST]
If you want to learn about websites, try learning XHTML, CSS, and Javascript first before moving on to something like PHP.
If you want to learn about programming, try either C or C++ first; if you have problems with that start with an easier language like Python.
Mike, you know anything about stealing SESSION IDs?
[QUOTE=LapraS]Mike, you know anything about stealing SESSION IDs?[/QUOTE]
Why would you want to do that?
In order to gain access to someones account?
Im referring to a game I play called Bootleggers.
Its online and textbased. I have made a profile hack once. I coded PHP and obtained SESSION Ids by people viewing my *00x*00 banner. I simply used a cookie editor ( firefox extension ) to add the SESSION.
[QUOTE=LapraS]In order to gain access to someones account?
Im referring to a game I play called Bootleggers.
Its online and textbased. I have made a profile hack once. I coded PHP and obtained SESSION Ids by people viewing my *00x*00 banner. I simply used a cookie editor ( firefox extension ) to add the SESSION.[/QUOTE]
Well, you would use a flaw such as cross site scripting to steal cookie data. XSS holes are common - there's one in the site you're looking at now.
I'm gonna hope this is it.
<img src="javascript:alert("This?")">
Guess not, maybe...
<img src=javascript:alert("This?")>
Hmm... no....
<img src="javascript:alert('This?')">
Gah, last try, pleaseohplease work...
<img src=alert("Hello")>
-----------------------------------------------
Nvm, theses guys are smart, they change the output to the webpage so it looks like this
[QUOTE]<!-- message -->
<div id="post_message_*4725">I'm gonna hope this is it.<br />
<br />
<img src="javascript<b></b>:alert("This?")"><br />
<br />
Guess not, maybe...<br />
<br />
<img src=javascript<b></b>:alert("This?")><br />
<br />
Hmm... no....<br />
<br />
<img src="javascript<b></b>:alert('This?')"><br />
<br />
Gah, last try, pleaseohplease work...<br />
<br />
<img src=alert("Hello")></div>
<!-- / message -->
[/QUOTE]
I guess the filter replaces my <,>," with the HTML character entity value. I've seen some forums that don't do this, therefore are vulnerable to injection. They would see the alert come up.
I will try to post the profile hack I have scripted as soon as possible.
As for Session ID I was referring to the *2 digits cookie such as:
edb0e8665db4e*042fe0*76a8*aade*6
Basically what I did was find a free webhost, upload 4 files, namely; cookies.txt
js.php, js.js.
In my profile I posted a link to my webhost. Whenever someone viewed my profile his/her Session ID was shown on my webhost. I simply copied this Session ID into the Anec Cookie editor...
I submitted;
Name: PHPSESSID
Path: [url]www.bootleggers.us[/url]
And the Session ID
I opened Mozilla Firefox and browsed for [url]www.bootleggers.us/news.php[/url].
[QUOTE=Moonbat]I'm gonna hope this is it.
<img src="javascript:alert("This?")">
Guess not, maybe...
<img src=javascript:alert("This?")>
Hmm... no....
<img src="javascript:alert('This?')">
Gah, last try, pleaseohplease work...
<img src=alert("Hello")>
-----------------------------------------------
Nvm, theses guys are smart, they change the output to the webpage so it looks like this
I guess the filter replaces my <,>," with the HTML character entity value. I've seen some forums that don't do this, therefore are vulnerable to injection. They would see the alert come up.[/QUOTE]
No, the bug is in the top right search box for the actual site. If you enter this into it, you get the popup:
</title></head><body><script type="text/javascript">alert("XSS");</script>
As for bugs in widely used forum scripts; they're rare. In forums like vBulletin, they're non-existent (most of the the time).
Javascript + Advanced html Ftw.
Also C Is ok.