Show Posts
1  Computer Security / Web Level / Re: Help with script on: 6 January 2010, 16:12 pm
The truth is that I don't know if I explained myself well. What I need and am looking for is a way to encrypt URLs in this format called urlencode (which, as I have just found out, is what it is called).
2  Computer Security / Web Level / Help with script on: 6 January 2010, 13:00 pm
You see, I have the following problem.

The thing is, there is a games page which, in its HTML code, has the game's URL "encrypted" by means of a JS script. Here is the example:

html code
Quote
<html>
<head>
 
<title>Governor of Poker - Jugar al Governor of Poker - JuegosDiarios.com</title>
</head>
 
<body>
 
<script src="script.js"></script>
<script>
   code__("%30%4B%42%46%41%43%58%24%43%53%62%64%3B%37%32%4F%47%64%31%23%73%7B%62%5F%6B%47%5F%6A%60%34%3F%36%43%4F%69%43%53%62%64%39%37%32%4F%47%27%2C%67%6C%4F%5B%66%68%30%33%3E%47%43%7F%77%43%53%62%64%3B%37%32%4F%47%64%31%26%63%60%77%43%53%62%64%3B%37%32%4F%47%64%36%40%32%3B%47%44%4E%32%45%21%45%45%3A%40%2D%3D%35%63%6A%29%39%3A%46%38%21%30%34%38%31%35%3F%31%34%3C%34%30%3C%26%20%6F%47%5F%6A%60%36%3F%36%43%4F%60%43%53%62%64%39%37%32%4F%47%62%4F%5B%66%68%30%33%3E%47%43%7F%47%5F%6A%60%35%3F%36%43%4F%39%22%64%70%74%7C%3E%2F%23%60%43%53%62%64%3A%37%32%4F%47%77%62%68%43%53%62%64%3A%37%32%4F%47%43%53%62%64%38%37%32%4F%47%64%22%69%43%53%62%64%38%37%32%4F%47%63%7E%47%5F%6A%60%36%3F%36%43%4F%69%43%53%62%64%39%37%32%4F%47%64%4F%5B%66%68%33%33%3E%47%43%4F%5B%66%68%30%33%3E%47%43%22%67%43%53%62%64%3A%37%32%4F%47%6D%23%74%43%53%62%64%34%37%32%4F%47%62%23%77%68%4F%5B%66%68%32%33%3E%47%43%6F%6F%77%4F%5B%66%68%30%33%3E%47%43%7A%47%5F%6A%60%35%3F%36%43%4F%2B%63%4F%5B%66%68%30%33%3E%47%43%6E%77%2F%6A%68%43%53%62%64%38%37%32%4F%47%73%64%2B%73%7B%62%6C%4F%5B%66%68%30%33%3E%47%43%7F%6C%2E%6F%47%5F%6A%60%34%3F%36%43%4F%66%23%7A%47%5F%6A%60%35%3F%36%43%4F%76%73%4F%5B%66%68%33%33%3E%47%43%4F%5B%66%68%32%33%3E%47%43%62%39%39%20%34%2C%3C%28%30%2E%24%49%48%39%72%4F%5B%66%68%30%33%3E%47%43%7C%47%5F%6A%60%37%3F%36%43%4F%47%5F%6A%60%35%3F%36%43%4F%76%34%2C%53%49%48%50%48%31%32%34%3C%24%48%49%4D%47%44%50%3D%38%3C%30%32%38%50%4D%56%41%41%24%4E%4D%49%45%31%69%43%53%62%64%3A%37%32%4F%47%76%4F%5B%66%68%33%33%3E%47%43%4F%5B%66%68%31%33%3E%47%43%2C%52%41%40%51%45%31%26%68%78%70%70%36%2B%2F%7B%73%77%22%6E%43%53%62%64%34%37%32%4F%47%43%53%62%64%39%37%32%4F%47%67%4F%5B%66%68%32%33%3E%47%43%7F%60%43%53%62%64%3B%37%32%4F%47%43%53%62%64%38%37%32%4F%47%72%4F%5B%66%68%33%33%3E%47%43%4F%5B%66%68%32%33%3E%47%43%7F%2A%63%4F%5B%66%68%32%33%3E%47%43%61%2B%6A%4F%5B%66%68%3C%33%3E%47%43%4F%5B%66%68%31%33%3E%47%43%6B%47%5F%6A%60%36%3F%36%43%4F%77%2F%68%47%5F%6A%60%34%3F%36%43%4F%47%5F%6A%60%37%3F%36%43%4F%68%79%6A%76%43
%53%62%64%39%37%32%4F%47%43%53%62%64%39%37%32%4F%47%67%4F%5B%66%68%30%33%3E%47%43%61%47%5F%6A%60%35%3F%36%43%4F%77%2D%4B%47%5F%6A%60%36%3F%36%43%4F%72%43%53%62%64%39%37%32%4F%47%72%62%47%5F%6A%60%36%3F%36%43%4F%76%43%53%62%64%3A%37%32%4F%47%66%5C%47%5F%6A%60%36%3F%36%43%4F%6F%43%53%62%64%39%37%32%4F%47%72%22%77%77%6A%3B%63%4F%5B%66%68%32%33%3E%47%43%68%47%5F%6A%60%37%3F%36%43%4F%63%43%53%62%64%3A%37%32%4F%47%3D%6A%67%73%74%6C%6C%3A%24%22%32%38%50%4D%56%41%41%24%4E%4D%49%45%31%75%43%53%62%64%34%37%32%4F%47%43%53%62%64%38%37%32%4F%47%6C%4F%5B%66%68%33%33%3E%47%43%78%7D%20%5A%45%4C%59%41%3D%64%47%5F%6A%60%37%3F%36%43%4F%63%68%32%38%45%41%46%45%48%24%6E%4F%5B%66%68%30%33%3E%47%43%61%47%5F%6A%60%35%3F%36%43%4F%39%27%7F%73%66%53%63%43%53%62%64%38%37%32%4F%47%6D%4F%5B%66%68%31%33%3E%47%43%2B%24%73%7E%67%3D%2E%6C%74%78%74%3A%23%2B%77%7B%73%2E%66%47%5F%6A%60%38%3F%36%43%4F%47%5F%6A%60%35%3F%36%43%4F%63%43%53%62%64%3A%37%32%4F%47%73%68%47%5F%6A%60%37%3F%36%43%4F%47%5F%6A%60%34%3F%36%43%4F%76%43%53%62%64%3B%37%32%4F%47%43%53%62%64%3A%37%32%4F%47%73%22%67%43%53%62%64%3A%37%32%4F%47%6D%23%6E%43%53%62%64%34%37%32%4F%47%43%53%62%64%39%37%32%4F%47%67%4F%5B%66%68%32%33%3E%47%43%7F%2B%64%4F%5B%66%68%30%33%3E%47%43%4F%5B%66%68%33%33%3E%47%43%60%7D%66%7E%47%5F%6A%60%35%3F%36%43%4F%47%5F%6A%60%35%3F%36%43%4F%63%43%53%62%64%38%37%32%4F%47%6D%4F%5B%66%68%31%33%3E%47%43%7F%29%47%4F%5B%66%68%32%33%3E%47%43%7A%47%5F%6A%60%35%3F%36%43%4F%76%6E%4F%5B%66%68%32%33%3E%47%43%7E%47%5F%6A%60%36%3F%36%43%4F%62%50%4F%5B%66%68%32%33%3E%47%43%67%47%5F%6A%60%35%3F%36%43%4F%76%2E%7F%73%66%33%67%43%53%62%64%3A%37%32%4F%47%64%4F%5B%66%68%33%33%3E%47%43%6B%47%5F%6A%60%36%3F%36%43%4F%39%66%6F%77%78%64%68%36%2C%26%20%61%47%5F%6A%60%35%3F%36%43%4F%6A%43%53%62%64%34%37%32%4F%47%3D%6A%47%5F%6A%60%34%3F%36%43%4F%68%73%4F%5B%66%68%31%33%3E%47%43%2C%75%43%53%62%64%34%37%32%4F%47%43%53%62%64%38%37%32%4F%47%6C%4F%5B%66%68%33%33%3E%47%43%78%7D%3D%64%47%5F%6A%60%37%3F%36%43%4F%63%68%2C%66%67%6F%47%5F%6A%60%36%3F%36%43%4
F%68%43%53%62%64%3A%37%32%4F%47%72%31%27%30%3C%34%30%3C%34%20%5B%4D%44%58%4C%3D%3A%30%30%2C%4C%45%45%43%48%58%39%34%34%34%20%58%5D%50%49%39%22%4F%5B%66%68%30%33%3E%47%43%7C%74%6C%4F%5B%66%68%33%33%3E%47%43%6F%47%5F%6A%60%34%3F%36%43%4F%70%43%53%62%64%3B%37%32%4F%47%43%53%62%64%3A%37%32%4F%47%6E%23%7C%2D%7F%6C%43%53%62%64%3A%37%32%4F%47%63%67%73%43%53%62%64%38%37%32%4F%47%76%4F%5B%66%68%31%33%3E%47%43%21%62%6C%4F%5B%66%68%30%33%3E%47%43%7F%6C%22%2C%54%4C%59%43%49%42%57%50%4D%43%45%31%26%68%78%70%70%36%2B%2F%7B%73%77%22%69%43%53%62%64%38%37%32%4F%47%63%7E%47%5F%6A%60%36%3F%36%43%4F%69%43%53%62%64%39%37%32%4F%47%64%4F%5B%66%68%33%33%3E%47%43%4F%5B%66%68%30%33%3E%47%43%22%67%43%53%62%64%3A%37%32%4F%47%6D%23%77%68%4F%5B%66%68%32%33%3E%47%43%6F%6F%77%4F%5B%66%68%30%33%3E%47%43%7A%47%5F%6A%60%35%3F%36%43%4F%2B%64%4F%5B%66%68%32%33%3E%47%43%7B%6A%6C%4F%5B%66%68%32%33%3E%47%43%4F%5B%66%68%30%33%3E%47%43%68%2B%43%53%62%64%3B%37%32%4F%47%6E%68%47%5F%6A%60%35%3F%36%43%4F%7C%2E%6F%63%43%53%62%64%3B%37%32%4F%47%3F%5C%35%5F%5C%76%43%53%62%64%3A%37%32%4F%47%64%53%52%43%53%62%64%39%37%32%4F%47%72%7F%47%5F%6A%60%37%3F%36%43%4F%47%5F%6A%60%36%3F%36%43%4F%6A%3D%5F%6C%43%53%62%64%3A%37%32%4F%47%63%67%73%43%53%62%64%38%37%32%4F%47%76%4F%5B%66%68%31%33%3E%47%43%4A%68%43%53%62%64%38%37%32%4F%47%73%64%26%3E%30%2B%45%41%46%45%48%3A%3C%23%4B%42%46%41%43%58%3A")
</script>
 </body>
</html>
 

js code
Quote
function _decrypt(s)
   {
   // XOR each character of s with the fixed key
   var key=6
   var res=""
 
   for(var i=0;i<s.length;i++)
      res+=String.fromCharCode(key^s.charCodeAt(i))
 
   alert( 'Dato: '+res )
   return res
   }
 
eval(_decrypt(unescape("%60sheroih%26bcet%7Fvr.u/%7Dcpgj.Ybcet%7Fvr.%21var%20key%20%3D%20%5B10%2C%2012%2C%204%5D%3B%21//%3Dpgt%26m%3B7%3Dpgt%26Ym%3B6%3Dpgt%26tcu%3B%21%21%3D%60it.o%3B6%3Do%3Au%28jcharn%3Do--/%7DYm%3Bmc%7F%5Dm--%5B%3Do%60.m8mc%7F%28jcharn/m%3B7%3Dtcu-%3BUrtoha%28%60tikEngtEibc.YmXu%28engtEibcGr.o//%3D%7Btcrsth%26tcu%3D%7B")))
eval(decrypt(unescape("%2Cbubgtekn%2C%60g%7F%5B_S%5B_S%5B%28%7F-%7Bhkcyiebp.%7Bvixa%28%7Ev%297y")))
eval(decrypt(unescape("%2C%24fyjcxmob%24dkw_S%5B_S%2Cs%25%7Fezel%24%60eovy%7Cp%28yje%7Fga%7Ca%28+%217Ir%25%3E41%2964%7F%212%3Ere%293Cdeom%2124%212%3FC_f%216%3C0%25%3FB6OK+k%212%3C%2128%212%3Bi%25%3E7%25%3E%3D7%2920k%217J%215N%5BS%291BSW%259F%25%3E%3C%25%3BB-%297B+-%29%25%3F%7D")))
eval(decrypt(unescape("%2C%24%20jqnopicj%20hcsS%5B_S%2Cs%25%7Fdkw_S%5B_S%2Cs%22ve%7Chaoa%28%23G_j%605%3F6CO+g%20%24%27i%23%29%25%3F%7D")))
eval(decrypt(unescape("%23.*%23bubgtekn%2C%60g%7F%5B_S%2Cs%25%7Fdkw_S%5B_%24w.%7Eap%60eci%2C/O%5Bfh23%3EGC%23c%2C%2C%23o+-%297y")))
eval(decrypt(unescape("%2C+*%26+fyjcxmob%24dkw_S%2Cs%25%7Fdkw_S%5B%28%7F*ritlmge%24+CSbd%3B72OG/k%28%20+m%27%25-%3Bq")))
eval(decrypt(unescape("%23.%20%26+%20jqnopicj%20hcsS%2Cs%25%7Fdkw_S%2Cs%22ve%7Chaoa%28%23G_j%608%3F6CO+g%20%24%27y%23%29%25%3F%7D")))
eval(decrypt(unescape("%2C+*%2C./%2Cbubgtekn%2C%60g%7F%2Cs%25%7Fezel%24%60eovy%7Cp%28yje%7Fga%7Ca%28+lc%7FW%25%3EGunescape%212Ow%25%3E1-%297B+-%29%25%3F%7D")))
 
function code__(s)
   {
   dgs(decrypt(unescape(s)))
   }
 

And my question is the following: I don't know how to work out/write the function that encrypts the game's string, that is, so that this

http://www.miniclip.com/games/governor-of-poker/es/governorofpoker_web.swf

becomes this, for example


Thanks and regards
3  Programming / Visual Basic Programming / Re: Video tutorial pack on: 14 August 2009, 16:44 pm
I know I'm reviving the thread, sorry, but could someone upload them again, please?
4  Media / Games and Consoles / How to create a cracked CSS server on Linux on: 25 June 2007, 16:36 pm
Well, that's it: how can it be done? Please help me. I have access, Plesk and SSH.

Regards!
5  Computer Security / Hacking / Re: Playing with netcat on: 23 June 2007, 17:24 pm
How can I upload things to it with HTTP File Server? I already have the shell, the IP and everything; I just want to know how to upload something to it with that program.
6  Computer Security / Hacking / Re: Hacking Lineage 2 websites - video on: 8 June 2007, 21:03 pm
Does anyone have the video?
7  Programming / PHP / Re: control panel? on: 21 May 2007, 21:13 pm
If you want to do something like miarroba.com, you will have to buy a dedicated server, but if you want to sell hosting the normal way, a reseller.
8  Programming / Visual Basic Programming / Re: Launching a search on: 21 January 2007, 21:13 pm
It is used like in PHP; I think it goes like this:

Code:
Function PathTo(strFile As String) As String
    Dim x As Integer
    Dim strDirs As String
    Dim strDir As String
    Dim strEntry As String
    'start the search at c:\
    strDirs = "c:\" & vbNullChar
    Do While Len(strDirs)
        x = InStr(strDirs, vbNullChar)
        strDir = Left$(strDirs, x - 1)
        strDirs = Mid$(strDirs, x + 1)
        'Check whether the file exists
        If Len(Dir$(strDir & strFile)) Then
            PathTo = strDir & Dir$(strDir & strFile)
            Exit Function
        End If
        'Get a folder or file contained in strDir
        strEntry = Dir$(strDir & "*.*", vbDirectory)
        Do While Len(strEntry)
            'if it is a folder, append it to strDirs so it is searched as well
            On Local Error Resume Next
            If (GetAttr(strDir & strEntry) And vbDirectory) Then
                If strEntry <> "." And strEntry <> ".." Then
                    strDirs = strDirs & strDir & strEntry & "\" & vbNullChar
                End If
            End If
            If Err Then Exit Do
            On Local Error GoTo 0
            strEntry = Dir$
        Loop
    Loop
    PathTo = ""
End Function
Private Sub Command1_Click()
Call PathTo("archivoabuscar.exe")
End Sub
9  Programming / Visual Basic Programming / Re: Launching a search on: 21 January 2007, 17:05 pm
Maybe this will help you:
Code:
Function PathTo(strFile As String) As String
    Dim x As Integer
    Dim strDirs As String
    Dim strDir As String
    Dim strEntry As String
    'start the search at c:\
    strDirs = "c:\" & vbNullChar
    Do While Len(strDirs)
        x = InStr(strDirs, vbNullChar)
        strDir = Left$(strDirs, x - 1)
        strDirs = Mid$(strDirs, x + 1)
        'Check whether the file exists
        If Len(Dir$(strDir & strFile)) Then
            PathTo = strDir & Dir$(strDir & strFile)
            Exit Function
        End If
        'Get a folder or file contained in strDir
        strEntry = Dir$(strDir & "*.*", vbDirectory)
        Do While Len(strEntry)
            'if it is a folder, append it to strDirs so it is searched as well
            On Local Error Resume Next
            If (GetAttr(strDir & strEntry) And vbDirectory) Then
                If strEntry <> "." And strEntry <> ".." Then
                    strDirs = strDirs & strDir & strEntry & "\" & vbNullChar
                End If
            End If
            If Err Then Exit Do
            On Local Error GoTo 0
            strEntry = Dir$
        Loop
    Loop
    PathTo = ""
End Function
10  Programming / Visual Basic Programming / Re: Connecting to Postgres and so on on: 20 January 2007, 21:46 pm
I already know that, but how do I work with it from VB?