Paid Advertising is
ha.ckers sla.cking
For any nonsense or banter that doesn't fit anywhere else. LoL! omg! ROFL! 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
For the searchmash spider
Posted by: maluc
Date: October 06, 2006 08:00PM

Well there's an XSS hole in googles new improved searching test, i guess. There's still not too much info on it. Anyways, there is a hole but only if the search engine finds atleast one webpage to show. Thus i'm waiting for their spider to index this: asdf"},results:[]});alert(String.fromCharCode(88,83,83));_init({query:{//
..hopefully it'll index it properly despite all the odd characters.

This gets translated into: asdf\"},results:[]});alert(String.fromCharCode(88,83,83));_init({query:{//

So yea, nothing to see here ^^ for now. Except that it makes for an interesting example, of needing the website to help you out to XSS themself.

When it does get indexed the link should be: .. hope it works.


Options: ReplyQuote

Sorry, only registered users may post in this forum.