Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 

Current Page: 1 of 1
Results 1 - 9 of 9
4 years ago
Vektor
QuoteVulnerability in Windows Shell Could Allow Remote Code Execution The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed. Source: http://www.microsoft.com/technet/security/advisory/2286198.mspx PoC: http://www.ivanlef0u.tuxfamily.org/?p=411 QuoteAffected Software
Forum: News and Links
5 years ago
Vektor
Those who look at the last link I posted can see that it has only 1 parameter "crypt" which is encrypted. This is because I went to the payment failure link with a fake VendorTxCode parameter as if it was returned by SagePay. After studying SagePay's shared scripts, I saw that VendorTxCode parameter is one of the parameters that is not checked against XSS. All websites that use those sc
Forum: Full Disclosure
5 years ago
Vektor
All parameters from everywhere on their website are flawed. Some can be used for XSS / others can be used to make negative payments / etc. The screenshots I posted here show only the XSS bugs from a few pages - you can paste an entire website in their forms. Example of XSS for 2nd screenshot: http://www.ifpi.org/content/section_resources/RIN/RIN-orderFailed.asp?crypt=YgAIUTwkHht2IQAdCHAaG0AXCVs0a
Forum: Full Disclosure
5 years ago
Vektor
Some screenshots with vulnerable pages: More information (screenshots, proof of concept) here:
Forum: Full Disclosure
5 years ago
Vektor
BayTSP is a company that sends copyright infringement notices via e-mail to users they found that were "infringing copyright" of their clients. These e-mails have a link to their website with a comment hash in it. And most their links got indexed by search engines because they have no robots.txt on their website. Anybody from any IP can view them and respond to them. No IP check or any a
Forum: News and Links
5 years ago
Vektor
They don't say about moderation for submitted URL's, but not having any would be stupid. If they update their blacklisted URL's with 3rd party content, all clients get updated. No need to send back an URL that is already blacklisted. If a client detects a website with problems - that would be a new website that is detected by their engine without using blacklists, no need to "call home&qu
Forum: News and Links
5 years ago
Vektor
That would contradict what they say - "All malicious, exploit-hosting URLs it detects are automatically reported back to F-Secure's Real-time Protection Network, which helps our Security Labs discover new exploits on the Internet and react to protect all our existing customers". If it had alternative sources it wouldn't need to report them back when found. But this is easy to verify. M
Forum: News and Links
5 years ago
Vektor
* Protects against both malicious websites and good websites that have been hacked. * Automatically sends detected malicious URLs from users to F-Secure. If you use it, I have an interesting test for you -> http://sla.ckers.org/forum/read.php?13,28097 . Click on "Test XSS" button to inject an iframe with google in f-secure's website . Exploit Shield should block F-Secure.com and
Forum: News and Links
5 years ago
Vektor
This is interesting... Since te-home.net was registered, nemesis was always pointing to one of my IP's, in one of Romtelecom's IP ranges (I host it). After reading your message I checked te-home.net domain and no settings were altered. So it probably is a name server problem. I resolved it using 5 different name servers, these are my results: > server dns1.inetia.pl Default Server: dns1.ine
Forum: News and Links
Current Page: 1 of 1