PISG 0.54 - IRC Nick HTML Injection

EDB-ID:

24040

CVE:



Author:

shr3kst3r

Type:

remote


Platform:

Multiple

Date:

2004-04-22


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

source: https://www.securityfocus.com/bid/10195/info

pisg has been reported prone to an input validation vulnerability. The issue will only present itself when pisg is used to monitor an IRC server that does not place limitations on IRC Nick values that can be used.

If an attacker specifies HTML code as a value for the IRC Nickname, this value may be incorporated into the HTML pages that are generated by pisg.

PROOF:
1. silc
2. /connect %Suitable IRC server%
3. /nick <script>alert(document.domain);</script>
4. /log ...
5. /me a couple of times on a channel
6. /quit
3. then generate stats ./pisg
4. surf the index.html