Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Gnuboard 5 - Cross-Site Scripting

By kannthu

Medium
Vidoc logoVidoc Module
#xss#gnuboard#gnuboard5#huntr
Description

What is "Gnuboard 5 - Cross-Site Scripting?"

The "Gnuboard 5 - Cross-Site Scripting" module is designed to detect a cross-site scripting vulnerability in the Gnuboard 5 software. Gnuboard 5 is a popular content management system (CMS) used for creating and managing websites. This module focuses on identifying and reporting instances of cross-site scripting, which is a type of security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users. The severity of this vulnerability is classified as medium, indicating that it has the potential to cause significant harm if exploited. This module was authored by arafatansari.

Impact

A successful exploitation of the cross-site scripting vulnerability in Gnuboard 5 can lead to various consequences, including:

- Execution of arbitrary JavaScript code on the victim's browser - Theft of sensitive user information, such as login credentials or personal data - Manipulation of website content, leading to defacement or unauthorized modifications - Phishing attacks, where attackers trick users into revealing confidential information

It is crucial to address this vulnerability promptly to prevent potential harm to users and the website itself.

How the module works?

The "Gnuboard 5 - Cross-Site Scripting" module works by sending a specific HTTP request to the target website and analyzing the response. It checks for the presence of certain patterns and conditions to determine if the cross-site scripting vulnerability exists. The module's HTTP request template is as follows:

GET /bbs/new.php?darkmode=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E

The module then applies the following matching conditions to the response:

- The response body must contain the following string: <script>alert(document.domain)</script>.css? - The response headers must include the content type text/html - The response status code must be 200

If all of these conditions are met, the module identifies the presence of the cross-site scripting vulnerability in the Gnuboard 5 software.

For more information, you can refer to the Huntr website.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/bbs/new.php?darkmod...
Matching conditions
word: header\"><script>alert(document.domain)<...and
word: text/htmland
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability