| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 | ===================================================================================  Dominant Creature BBG/RPG browser game XSS vulnerabilities =================================================================================== # Exploit Title: Dominant Creature BBG/RPG browser game XSS vulnerabilities # Author: M.Jock3R  # Script support: http://www.bbgdev.com/  # Script Download: http://sourceforge.net/projects/dcreature/ # Dork: core engine by Dominant Creature # Category:: webapps # Tested on: windows XP Sp2 FR =================================================================================== Examples: --------- 1) http://creatures.site88.net/ 2) http://dixieandtheninjas.net/goofing/DC/ 3) http://tux.isa-geek.org/rpg/dm/login.php Vuln file: msg.php Vuln code: ---------  $m = new Msg;  if (isset($_GET["p"]) && isset($_GET["write"])) {  $m->Write();  }  else {  $m->Inbox();  } } Exploit: --------- -You mustfirst login :( You canenter this account .. For test :) http://raw.bplaced.net/games/dominantcreature/ username: m.jock3r password: 01230123 Go to : Duel opponents ==> Search for opponents : choose any user and enter Write message  In message box write : <script>alert(document.cookie)</script> Click Send message. -Enjoy playing with XSS :) =================================================================================== Greets To : adelsbm / attiadona/ the-code.tk Email : madrido.jocker@gmail.com THANKS TO ALL ALGERIANS HACK3RS =================================================================================== |