Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Re: So it begins - Redirects Edition
Posted by: Spikeman
Date: November 20, 2006 11:53PM

http://www.fandango.com/TheaterListings.aspx?pn=2&location=98332&penumber='.substring(0,0)%2B'http://google.com');//

You have to click the printer friendly link for this one. (I remember someone posting something like this before, hopefully it wasn't the same site.)

Re: So it begins - Redirects Edition
Posted by: rsnake
Date: November 21, 2006 12:04AM

http://rd.excite.com/rd?redir=http://www.cnn.com

- RSnake
Gotta love it. http://ha.ckers.org

Re: So it begins - Redirects Edition
Posted by: rsnake
Date: November 21, 2006 12:06AM

http://www.wow.com/redir?src=PTL&clickedItemURN=http://www.cnn.com

- RSnake
Gotta love it. http://ha.ckers.org

Re: So it begins - Redirects Edition
Posted by: maluc
Date: November 21, 2006 08:00PM

http://www.edwinwattsgolf.com/webapp/wcs/stores/servlet/ClickInfo?URL=http://www.asdf.com/ not splittable (i'll note in the future which ones i've already checked for response splitting.. but bonus points if you find it in one i couldn't ^^)

-maluc

Re: So it begins - Redirects Edition
Posted by: malorn
Date: November 27, 2006 04:18PM

http://www109.americanexpress.com/rightp/ads_redirect.jsp?location=http://www.cnn.com

Re: So it begins - Redirects Edition
Posted by: maluc
Date: November 29, 2006 06:26AM

https://buildsecurityin.us-cert.gov/daisy/locale?locale=&returnTo=http://asdf.com

mmm cert

-maluc

Re: So it begins - Redirects Edition
Posted by: Judiketty
Date: November 29, 2006 05:15PM

maluc Wrote:
-------------------------------------------------------
> Post your redirects here.. i'll start it off
>
> just keeping your eye open for an http:// link as
> a parameter for a page (i.e.
> http:/http://www.goldburse.com/ is the easiest way to
> come across them..
>
> that being said, i've never been to this site
> before, nor since >.>
> http://www.sexocean.com/cgi-bin/tt.cgi?cmd=out&url
> =http://sla.ckers.org/forum/profile.php?1,50
> lol..
>
> -maluc

Re: So it begins - Redirects Edition
Posted by: oppugnant
Date: November 29, 2006 08:54PM

The propsmart.com will not work if you right click then choose open in another tab. Normal click and it works fine. Same for a few more in this thread. Really sorry if this is a dumb thing to mention, I'm pretty new to the workings of all this. Still it seems to me that right clicking offers at least some, if only a little, form of protection.

"You know what they say"
"No, I don't even know who they are"

Re: So it begins - Redirects Edition
Posted by: maluc
Date: November 29, 2006 09:11PM

uhh, i'm not really sure what you mean. First off, propsmart (it's on page 1 for those looking for it) is an XSS not a redirect - rsnake posted it in the redirect thread on accident. Second, at least in firefox .. that propsmart link works in both new tabs and clicking - but it requires a mouseover to activate.

can you elaborate on what you mean o.O

-maluc

Re: So it begins - Redirects Edition
Posted by: oppugnant
Date: November 29, 2006 09:43PM

Sure I can elaborate, not a problem, but listen up because I'll only say this once. (I hope) I appear to be an idiot and missed the bit about the mouse over. When I right clicked and chose open in new tab, nothing happened. When I left clicked and the link opened normally I got the alert. I must have fired the mouse over the second time and not the first. I did repeat this a few times before posting. I still had the same results. No idea how I managed that but I did. I now need someone to delete my post, your reply and this before the world sees what a simpleton I can be at times. Maybe I should get some sleep, yes that's it, I'll blame it on lack of sleep.

PS I'm impressed with what I'm learning here, even if it doesn't show.

"You know what they say"
"No, I don't even know who they are"

Re: So it begins - Redirects Edition
Posted by: maluc
Date: November 29, 2006 10:43PM

heh, i thought it might be that.. since we've all done similar things :x

i usually go for the sleep excuse too~

as for the mouseover triggering.. maybe the position of the link on this page and the mouseover tag were in the same place so the mouse was already there ^^. stranger things have happened

-maluc

Re: So it begins - Redirects Edition
Posted by: malorn
Date: December 01, 2006 08:08PM

http://ie.search.msn.com/migrate.asp?SERVER=http://www.cnn.com

Could be cleaned up a bit but you get the point

Re: So it begins - Redirects Edition
Posted by: maluc
Date: December 01, 2006 08:20PM

well it's a good find nonetheless .. it's not easy to find bugs on msn

good work,

-maluc

Re: So it begins - Redirects Edition
Posted by: Spikeman
Date: December 03, 2006 03:14AM

AND... the big G!

http://www.google.com/url?sa=X&oi=dict&q=http://sla.ckers.org/

Re: So it begins - Redirects Edition
Posted by: maluc
Date: December 03, 2006 04:11AM

redirect previously disclosed by jungsonn and not splittable:
http://idl.ee.washington.edu/Redirect.php?ID=22&Publication=http://asdf.com?%0Afff

has a nice response-splitting aware error message. (despite the path disclosure)
is that a built-in security option of IIS 5.1+ ? or just hand-made?

-maluc
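
A server-side check for the redirect parameters collected in this thread, including the CR/LF test that decides whether a redirect is "splittable". This is an added example, not part of any post and not code from any site listed here; `ALLOWED_HOSTS`, the function names and the `example.com` hosts are assumptions made for illustration.

```python
from urllib.parse import parse_qs, unquote, urlsplit

# Hypothetical allowlist of hosts this site may redirect to (assumption).
ALLOWED_HOSTS = {"www.example.com", "partner.example.net"}


def has_control_chars(text):
    """True if text holds CR, LF or any other ASCII control character."""
    return any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in text)


def safe_redirect_target(value, default="/"):
    """Return value if it is safe for a Location header, else default.

    value is the parameter as the framework hands it over (decoded once).
    """
    if not value:
        return default
    # CR/LF in a Location header is what makes a redirect "splittable".
    # Check one extra decode too, in case a later layer decodes again.
    if has_control_chars(value) or has_control_chars(unquote(value)):
        return default
    # Browsers treat "\" like "/", so "/\host" can leave the site.
    if "\\" in value:
        return default
    try:
        parts = urlsplit(value)
        host = (parts.hostname or "").lower()  # drops userinfo and port
    except ValueError:
        return default
    if not parts.scheme and not parts.netloc:
        # Same-site path only; "//host/" is scheme-relative and rejected.
        if value.startswith("/") and not value.startswith("//"):
            return value
        return default
    if parts.scheme in ("http", "https") and host in ALLOWED_HOSTS:
        return value
    return default


def target_from_query(query, param):
    """Pull one parameter out of a raw query string and validate it."""
    values = parse_qs(query).get(param)
    return safe_redirect_target(values[0] if values else None)
```

Anything that fails the check falls back to the site's own default page instead of being echoed into the `Location` header.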

Re: So it begins - Redirects Edition
Posted by: blad3
Date: December 03, 2006 04:31AM

Funny one :P

This is my first website vulnerable to XSS and SQL injection at the same time.
http://price.ro/?action=search&text=%3Czmx%3E%22%27&x=17&y=13

Small site, nothing important, but it's kind of funny.

Re: So it begins - Redirects Edition
Posted by: jungsonn
Date: December 04, 2006 08:09AM

http://g.msn.nl/NL6/139606.0?http://www.cnn.com&&CP=65001&CE=nsv090310&HL=Privacy%20Online

Re: So it begins - Redirects Edition
Posted by: jungsonn
Date: December 10, 2006 05:10PM

http://g.msn.nl/NL4/139004.2?http://cnn.com/&&HL=Nissan%20Shift_Live&CP=65001&CE=h14

Re: So it begins - Redirects Edition
Posted by: rsnake
Date: December 14, 2006 05:47PM

http://ad.doubleclick.net/clk;54245173;11466062;a?http://www.cnn.com

- RSnake
Gotta love it. http://ha.ckers.org

Re: So it begins - Redirects Edition
Posted by: rsnake
Date: December 14, 2006 05:53PM

http://dw.com.com/rubicsclk?ver=2&ts=2006.12.14.15.52.46&edId=3&onId=1&ptId=2001&sId=3&appId=8&offId=1049&unitId=29&poolId=1&f1=-0&f2=-0&f3=-0&algId=1&&opt=1&linkPos=1&destUrl=http://www.cnn.com

- RSnake
Gotta love it. http://ha.ckers.org

Re: So it begins - Redirects Edition
Posted by: maluc
Date: December 14, 2006 08:16PM

i think the ad spammers couldn't care less about open redirects or XSS holes.. so i doubt they'll ever be patched .-.

-maluc

Re: So it begins - Redirects Edition
Posted by: rsnake
Date: December 15, 2006 12:04PM

I disagree. They have a bad enough reputation as it is. If firewalls start seeing ad servers as potential threats there goes their business model. It's distinctly important for them to be able to block things like this. It's their whole livelihood. (I used to work for a banner advertiser, so I know first hand).

And yes, you may refer to me as Satan now. Yes, I was also one of the first big spammers (I caught a Macintosh on fire making it into a high velocity mail server running Linux). And yah, my team may have invented the concept of delayed popups and pop-unders. Oh yah, and viral marketing to change people's homepages using trojaned movies? That might have been my team too. I'm a bad bad man - or was anyway. You may now claim that I have contributed to the worst things on the Internet.

And now for my next trick I shall break the same origin policy and pave the way for ultra complex XSS malware....

- RSnake
Gotta love it. http://ha.ckers.org

Re: So it begins - Redirects Edition
Posted by: maluc
Date: December 15, 2006 01:07PM

lol, destroying the world one click at a time.. your mother must be proud .-.

i guess time will tell if they remain open .. but ima stick by my guess that it'll be a while

-maluc

Re: So it begins - Redirects Edition
Posted by: maluc
Date: December 16, 2006 10:35PM

http://ma.baidu.com/ma/rcv/click.php?url=http%3A%2F%2Fasdf.com

looks like china's google? has an alexa ranking of 4 which is why i checked it

-maluc

Re: So it begins - Redirects Edition
Posted by: rsnake
Date: December 17, 2006 11:14AM

Doubleclick has closed a few holes in the past. It wouldn't surprise me if they close this one too but leave others open. It's just too difficult to close completely.

Baidu is huge. They have 40-60% of China search share. They've easily beaten Google. I'd be surprised if Baidu doesn't become an acquisition target in the near future. That said, they have had dozens of holes so whoever takes them over will have some work on their hands.

- RSnake
Gotta love it. http://ha.ckers.org

Re: So it begins - Redirects Edition
Posted by: Hong
Date: December 19, 2006 11:31AM

http://www.wretch.cc/testing/redir.php?d=http%3A%2F%2Fha.ckers.org%2F&k=322
The most famous web blog community in Taiwan

- Hong

Re: So it begins - Redirects Edition
Posted by: eyeced
Date: December 22, 2006 03:52PM

http://www.tritonboats.com/frames_static.asp?redir=http://www.google.co.uk

erm...boats.

There's my description.



Edited 2 time(s). Last edit at 12/22/2006 03:54PM by eyeced.

Re: So it begins - Redirects Edition
Posted by: Luny
Date: January 11, 2007 04:26PM

http://www.webmd.com/click2.asp?redirect=http://sla.ckers.org

---------------
Digital footprints suck. Learn to walk on your hands.
http://www.youfucktard.com

Re: So it begins - Redirects Edition
Posted by: Luny
Date: January 11, 2007 06:09PM

der..posted in wrong thread.

---------------
Digital footprints suck. Learn to walk on your hands.
http://www.youfucktard.com



Edited 1 time(s). Last edit at 01/11/2007 06:10PM by Luny.

Re: So it begins - Redirects Edition
Posted by: kozanaybar
Date: January 17, 2007 05:11AM

http://clk.atdmt.com/MSN/go/msnnkwme0100000003msn/direct/01/?href=http://sla.ckers.org
