Monday, January 22, 2018

Injection via User Agents

What if there are no unprotected search boxes or logins to inject through?

Go ahead, visit the link, I swear it's not Rick. I was using StumbleUpon after completing one of the User Agent Switcher challenges. So this site shows me my IP address, my OS and my browser, and quotes 1984 (Oh my, I'm SO scared). Big Brother? More like Oh Brother. And to prove it, I thought I would redesign the page a little.

There are no search boxes or logins, so how can we inject? Through the User Agent, of course! Using Firefox's User Agent Switcher add-on we can supply atom smasher's site with some code to run.

In Firefox:
Tools > User Agent Switcher > Options > Options
In the pop-up select "User Agents" on the left, then "Add...".

The description is only a local label, so name it whatever you'd like (I named mine "lolololol"). The "User Agent" field is where we inject our code. This site writes your User Agent into the page right after a simple HTML "p" tag, without escaping it, so any markup in the field is rendered as part of the page.

By masquerading as a "[a href='']Technology is awesome[/a]" machine I was able to represent HBH (albeit locally) while having a little fun.

A lot of sites are wise to SQL injection, and probably HTML injection, but they only guard search boxes and logins. What about User Agents? You may think that only sites like this one monitor User Agents, and that they aren't worth hacking. Take a look at HBH>Other>4 and 5.

I'm not nearly good enough at injection to hack HBH, but I am creative enough to check a new angle. Hopefully the Administrators patch up this hole before publishing this and someone more skilled than I tears it open.


ranma on June 22 2009 - 23:53:27
I don't see a hole... I'd say ok effort, but not worth many points if your example is a web page that can only be used in HTML injection. Didn't even explain the mechanics behind the actual injections.
ynori7 on June 25 2009 - 18:44:49
This article was way too short. I don't know why the admins keep accepting this crap.
S1L3NTKn1GhT on June 26 2009 - 01:44:15
Seems admins' expectations are dropping or they just don't care and just click.
korg on June 29 2009 - 03:13:29
Articles like this make us all look like dickheads. STOP putting this shit on the site. It doesn't matter how many hits we get if we look like assholes.
sanddbox on August 23 2009 - 01:03:58
Terrible article. User agent injection is useless because the result is client side...
theFALCO on October 28 2009 - 18:45:23
It's not that useless, some forum scripts save the user agent in the database so that others can see what browser who is using, so maybe SQL injection? Some traffic analyzers record browser usage, so maybe some null char based attack? As far as I remember some web services rely on the user agent (was it rapidshare? I think there was a toolbar that added a substring to the UA and then you had more privileges or something, I don't remember, I have to check it out) so here's another possible target. Such "concept/idea presentation" is good enough, don't expect him to add "you can hack by using [script here]", that's what script-kiddies would think.
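
As an added example (not code from the article, the commenters, or the site described): a Python sketch of a page that echoes the User-Agent into a "p" tag the way the article describes, next to an escaped version, plus a parameterized insert for the case raised in the comments where the header is saved to a database. All function names, the `visits` table and the sample header values are constructed assumptions.

```python
import html
import sqlite3

def render_unsafe(user_agent: str) -> str:
    # Pattern described in the article: header value concatenated after a <p> tag.
    return "<p>" + user_agent + "</p>"

def render_safe(user_agent: str, max_len: int = 256) -> str:
    # Treat the header as untrusted text: drop non-printable characters
    # (NUL bytes, CR/LF), cap the length, then HTML-escape before output.
    cleaned = "".join(ch for ch in user_agent if ch.isprintable())[:max_len]
    return "<p>" + html.escape(cleaned, quote=True) + "</p>"

def open_log() -> sqlite3.Connection:
    # Hypothetical visitor log, kept in memory so the example runs offline.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE visits (id INTEGER PRIMARY KEY, user_agent TEXT)")
    return db

def log_visit(db: sqlite3.Connection, user_agent: str) -> None:
    # Bound parameter: the header is stored as data, never parsed as SQL.
    db.execute("INSERT INTO visits (user_agent) VALUES (?)", (user_agent,))

def stored_agents(db: sqlite3.Connection) -> list:
    rows = db.execute("SELECT user_agent FROM visits ORDER BY id")
    return [row[0] for row in rows]

# Constructed sample header values (not captured traffic).
SAMPLES = [
    "Mozilla/5.0 (X11; Linux x86_64; rv:1.9.1) Gecko/20090624 Firefox/3.5",
    "<a href=''>Technology is awesome</a>",
    "Robert'); DROP TABLE visits;--",
]

if __name__ == "__main__":
    db = open_log()
    for ua in SAMPLES:
        log_visit(db, ua)
        print("unsafe:", render_unsafe(ua))
        print("safe:  ", render_safe(ua))
    print("rows stored:", len(stored_agents(db)))
```

A stored User-Agent shown to other users later still needs `render_safe` at output time; the bound parameter only protects the query.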