Injection via User Agents
Injection via User Agents
ghost | 10566 Reads | http://atom.smasher.org/links/
Go ahead visit the link, I swear it’s not Rick. I was using Stumble Upon after completing one of the User Agent Switcher challenges. So this site shows me my IP Address and my OS and browser and quotes 1984 (Oh my, I’m SO scared). Big Brother? More like Oh Brother. And to prove it, I thought I would redesign the page a little.
There’s no search boxes or logins, so how can we inject? Through the User Agent of course! Using FireFox’s User Agent Switcher Add-On we can supply atom smasher’s site with some code to run.
In FireFox: Tools>User Agent Switcher>Options>Options In the pop-up select “User Agents” on the left, then “Add…”.
The desciption is local, name it whatever you’d like (I named mine “lolololol”). The “User Agent” field is where we inject our code. This site uses a simple HTML “p” tag followed by your User Agent.
By masquerading as a “[a href=‘http://www.hellboundhackers.org’]Technology is awesome[/a]” machine I was able to represent hbh (albeit locally) while having a little fun.
Applications: A lot of sites are privy to SQL injection, and probably HTML injection, but only through search boxes and logins, but what about User Agents? You may think that only sites like this one monitor User Agents, and that they aren’t worth hacking. Take a look at HBH>Other>4 and 5.
I’m not nearly good enough at injection to hack HBH, but I am creative enough to check a new angle. Hopefully the Administrators patch up this hole before publishing this and someone more skilled than I tears it open.
ranma 14 years ago
I don't see a hole…:| I'd say ok effort, but not worth many points if your example is a web page that can only be used in HTML injection. Didn't even explain the mechanics behind the actual injections.
ynori7 14 years ago
This article was way too short. I don't know why the admins keep accepting this crap.
ghost 14 years ago
Seems admins expectations are dropping or they just don't care and just click. :(
korg 14 years ago
Articles like this make us all look like dickheads. STOP putting this shit on the site. It doesn't matter how many hits we get if we look like assholes.
ghost 14 years ago
Terrible article. User agent injection is useless because the result is client side…
ghost 14 years ago
It's not that useless, some forum scripts save useragent in the database so that others can see what browser who is using, so maybe sql injection? Some traffic analizers record browser usage so maybe some null char based attack?
As far as I remember some web services rely on user agent (was it rapidshare? I think there was a toolbar that added a substring to UA and then you had more privillages or something, I don't remember, I have to check it out) so here's another possible target.
Such "concept/idea presentation" is good enough, don't expect him to add "you can hack xxx.com by using [script here]", that's what script-kiddies would think.