Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Injection via User Agents


Injection via User Agents

By ghostghost | 10950 Reads |
0     0

http://atom.smasher.org/links/

Go ahead visit the link, I swear it’s not Rick. I was using Stumble Upon after completing one of the User Agent Switcher challenges. So this site shows me my IP Address and my OS and browser and quotes 1984 (Oh my, I’m SO scared). Big Brother? More like Oh Brother. And to prove it, I thought I would redesign the page a little.

There’s no search boxes or logins, so how can we inject? Through the User Agent of course! Using FireFox’s User Agent Switcher Add-On we can supply atom smasher’s site with some code to run.

In FireFox: Tools>User Agent Switcher>Options>Options In the pop-up select “User Agents” on the left, then “Add…”.

The desciption is local, name it whatever you’d like (I named mine “lolololol”). The “User Agent” field is where we inject our code. This site uses a simple HTML “p” tag followed by your User Agent.

By masquerading as a “[a href=‘http://www.hellboundhackers.org’]Technology is awesome[/a]” machine I was able to represent hbh (albeit locally) while having a little fun.

Applications: A lot of sites are privy to SQL injection, and probably HTML injection, but only through search boxes and logins, but what about User Agents? You may think that only sites like this one monitor User Agents, and that they aren’t worth hacking. Take a look at HBH>Other>4 and 5.

I’m not nearly good enough at injection to hack HBH, but I am creative enough to check a new angle. Hopefully the Administrators patch up this hole before publishing this and someone more skilled than I tears it open.

Comments
ranma's avatar
ranma 15 years ago

I don't see a hole…:| I'd say ok effort, but not worth many points if your example is a web page that can only be used in HTML injection. Didn't even explain the mechanics behind the actual injections.

ynori7's avatar
ynori7 15 years ago

This article was way too short. I don't know why the admins keep accepting this crap.

ghost's avatar
ghost 15 years ago

Seems admins expectations are dropping or they just don't care and just click. :(

korg's avatar
korg 15 years ago

Articles like this make us all look like dickheads. STOP putting this shit on the site. It doesn't matter how many hits we get if we look like assholes.

ghost's avatar
ghost 15 years ago

Terrible article. User agent injection is useless because the result is client side…

ghost's avatar
ghost 15 years ago

It's not that useless, some forum scripts save useragent in the database so that others can see what browser who is using, so maybe sql injection? Some traffic analizers record browser usage so maybe some null char based attack?

As far as I remember some web services rely on user agent (was it rapidshare? I think there was a toolbar that added a substring to UA and then you had more privillages or something, I don't remember, I have to check it out) so here's another possible target.

Such "concept/idea presentation" is good enough, don't expect him to add "you can hack xxx.com by using [script here]", that's what script-kiddies would think.