Right so my school IT admin have challenged me to hack the school website! I've a found search area and some open ports the open ports are Mysql and FTP.
I think my best bet is XSS i know that the site is running joomla and apche 2.2.3 and that's about it!
Right keep in mind i am very new to XSS but this is as much as i can get out of it.
What ever we put in the Search bar is also in the url as in search/node/Whatyoutype
How ever brackets () and signal quotes ' are changed to %27 and %29 i've inspected the html and found this.
<input type="submit" id="edit-submit" name="op" value="Search" class="form-submit">
Not sure if that's any help but that's as far as my knowledge on xss will take me any ideas !?
Thanks Dupheadss
Be the First to Respond
Share Your Thoughts