Welcome to HBH! If you had an account on hellboundhacker.org you will need to reset your password using the Lost Password system before you will be able to login.

XSS vulnerability?


theSheWolf's Avatar
Member
0 0

So I was recently allowed to try test this site. I won\'t post it but I believe it\'s vuln to xss of some kind…I\'m not too sure though. On the site is a searchbox which allows you to inject html…I\'m not too sure about xss, some work and some doesn\'t but there\'s javascript on the page itself which leads me to believe a js injection is very possible. However, as of now, everything is pretty non-persistant because the searchbox clears itself after every search. Nothing is saved. Do you think it\'s possible to edit the onclick element so that the searchbox does not clear? Here\'s the code:

</form>``` What do you think? 

korg's Avatar
Admin from hell
0 0

I think if you want to pentest sites you have a lot of learning to do. So far you have posted at least 3 times asking about vulnerabilities in sites that your \"allowed\" to test. I\'m not sure if your actually testing or deliberately trying to hack them but I certainly don\'t spoon feed people info especially when you post the same threads on the hackforums. If you think it\'s vulnerable then learn how to test it.