Sunday, September 20, 2009

XSS in Linuxmafia website - Today's lulz

#########################
# Website: www.linuxmafia.com
# Date: 21.09.09
# Bug: Cross Site Scripting (XSS)
########################

Vuln URL: hxxp://www.linuxmafia.com/kb/

Sorry folks, I am too lazy to post a screenshot for this one... just a quickie, if you will...

Click here for the demo

Click here for another demo (this one's a bit serious)

Cheers,
Kish

Wednesday, August 26, 2009

Advisory Updates: Q2 2009, and a bit more...

Even though a spectacular hack was pulled off on Imageshack, they've not fixed their bug yet.

The lazy developers behind the Indian Premier League (oh reely??) have not fixed their XSS and SQLi bugs either... In 2009, if you want to see a demo of a site allowing "delete method" in databases, please visit them :))

ZDNet, which writes the special 0-day column apart from regular security ramblings, is "yet" to fix their bug, and Dancho Danchev, one of the authors from their team, is still replying to mail...

Adobe at least fixed their bug even though it was late, and I applaud their security team / devs for their store.

Electronic Arts and Blogarama haven't fixed their bugs just like the others, no I am not surprised

Probably, I'll write the next / final advisory update for this year in 3 to 4 months from now... Keep your eyes open !

Cheers :)
Kish

Whitehouse.gov - One for the "lulz"

#########################
# Website: www.whitehouse.gov
# Date: 27.08.09
# Bug: Cross Site Scripting (XSS)
########################

Vuln URL: hxxp://www.whitehouse.gov

Click here for the demo

LOL ! Please put some of your resources to work ;)

Cheers,
Kish !

ESPN Shop - XSS

#########################
# Website: www.espnshop.com
# Real gear for Real "XSS" fans
# Date: 27.08.09
# Bug: Cross Site Scripting (XSS)
########################

Vuln URL: hxxp://www.espnshop.com


Click here for the demo

Learn input validation, and try to use it :)

Cheers,
Kish !

P.S: This was found and reported to ESPN in late 2008, but they're very active as you can see.

Wednesday, July 8, 2009

Hakin9 - Issue (03/2009) - Review

Thanks to the Hakin9 Team for sending me a copy for review. This issue of Hakin9 comes with a new set of articles on various topics such as Bruteforce, Malware analysis, and Examining malicious PDF documents.

Unless you're just starting off or don't know about bruteforce you can skip the introduction to the article, but the relevance of information is really good in terms of description of various types of attacks. The article talks about the latest technique called GPU cracking.

There's also another interesting article detailing the reverse engineering of digital certificate on Windows. Web security enthusiasts are not left out, with an article covering Burp Proxy's Intruder with examples.

For the system administrators there's some constructive information in the article on defeating AVs. Additionally, the CD that comes along with the magazine features Ad-aware anniversary edition (free) along with a few demo games such as Portsign, which is a hacker game similar to Uplink from Introversion Software.

Apart from these there's the usual book review on "IPv6 Security" from Cisco Press, a section on emerging threats, a few ads spread out through the magazine, and a good interview from Nicholas Percoco, the head of Spiderlabs, Trustwave's research team.

Thursday, June 25, 2009

Electronic Arts - XSS vulnerability

#########################
# Website: www.ea.com
# Date: 25.06.09
# Bug: XSS
########################

Vuln URL: hxxp://www.ea.com



Click here for the demo

FIFA 09 and the online game play rocks, but your website ?... not really ! pffft ...

Cheers :)
Kish

Friday, May 29, 2009

XSS in Blogarama

#########################
# Website: www.blogarama.com
# Date: 29.05.09
# Bug: XSS
########################

Vuln URL: hxxp://www.blogarama.com


Click here for the demo

Fix input validation in your website...

Cheers :)
Kish

Sunday, May 17, 2009

XSS in Adobe's Store

#############################
# Website: www.adobe.com
# Date: 17.05.09
# Bug: XSS
############################

Vuln URL: hxxps://store3.adobe.com


Click here to see the demo

Fix your input validation, and make shopping with adobe a good memory for the customer.

Cheers :)
Kish

Sunday, May 3, 2009

HTML Injection in ZDNET

############################
# Website: http://blogs.zdnet.com
# "Say hello to the experts"
# Bug: HTML Injection, XSS
# Date: 03.05.09
############################

Vuln URL: hxxp://blogs.zdnet.com


Click here to see the demo

Please advise people about web-application vulnerabilities, after you've fixed them ! *coughs*

Talking about input validation, their email form is a bad example... and can I use it to send my friend an email ? You bet... it's free email spoofing service, courtesy of ZDnet ;))

Cheers,
Kish

Wednesday, April 29, 2009

SQLi and XSS vulnerabilities in IPL website

###################################
# Website: www.iplt20.com
# (includes spoils from pulselive.com)
# Bug: XSS, and SQLi
# IPL T20 - Indian(or is it English) Premier League
# Date: 29.04.09
###################################

Vuln URL: hxxp://www.iplt20.com



Click here for SQLi demo

There were also 26 injectable spots other than this, and there's XSS in URI, Path, and Forms, can't post too many screenshots... you see ;)

What's more you can insert, update, and delete tables in their DB :))

Happy hunting, Cheers!

Saturday, April 25, 2009

XSS in Imageshack

################################
# Website: http://www.imageshack.us
# Bug: XSS
# Date: 25.04.09
##############################



Vuln URL: hxxp://www.imageshack.us

Click here for XSS demo

Fix your input validation.

Cheers,
Kish

Friday, March 27, 2009

XSS in NSA's website

################################
# Website: http://www.nsa.gov
# National "Security" Agency - oh really ?!
# Bug: XSS
# Date: 27.03.09
##############################


Vuln URL: hxxp://www.nsa.gov

Click for the XSS demo

Fix input validation in your page... Please be true to your THREE Letter acronym ;)

Cheers :)
Kish

Fixed again... Good job AVG, ESET

AVG and ESET have fixed their respective XSS vulnerabilities, and it is good !

Full disclosure - We believe in it !

Cheers!

Wednesday, March 11, 2009

Advisory updates: Q1 2009 and a few more ...

Advisory updates, First Quarter, 2009, and a few from 2008.



DMOZ search's XSS was found 2 months back... and NASA's XSS at Goddard Space Flight Center was exactly a month ago...

The other findings, from Myspace, AVG antivirus, and ESET antivirus websites, are also not fixed ... considering that these websites have a good user base, and are expected to fix quickly.

HSBC haven't fixed their bug just yet ... but it is obvious, they're a bank and they want money... not security ;)

The Indian government website has removed the page having input sanitization problems, instead of fixing it... still not bad ... they've taken some measures to stay at bay ...

Cheers :)
Kish

Monday, March 9, 2009

XSS in AVG website

#########################################
# Website: http://www.avg.com
# Bug: XSS
# Date: 09.03.09
########################################

Vuln URL: hxxp://www.avg.com

Screenshot

Click here for the demo

The AV vendors have failed to secure their websites, and their saga of web bugs, ranging from SQL injection, earlier demonstrated by Romanian hackers, to the XSS bugs we're demonstrating, will continue...

Fix input validation in your pages, the page affected is their "license" page...

Cheers :)
Kish

XSS in Myspace

#########################################
# Website: http://www.myspace.com
# Bug: XSS
# Date: 09.03.09
########################################

Vuln URL: hxxp://www.myspace.com/Modules/PostTo/Pages/DefaultV1.aspx

Screenshot



Click here for XSS demo

Fix input validation in the page, social networks are my turf !

Cheers :)
Kish

Wednesday, March 4, 2009

XSS in ESET website

#########################################
# Website: http://www.eset.com
# Bug: XSS
# Date: 04.03.09
########################################



Vulnerable URL: hxxp://kb.eset.com

Click here for the demo

Fix input validation in the page, antivirus vendors are supposed to be careful, at least, I thought so !

This is a special advisory, dedicated to Digi (Crimemachine, Founder), my very good friend, and fellow hacker, who is an ardent supporter of ESET products, the antivirus especially, for the heur et al.

Cheers :)
Kish

Tuesday, February 10, 2009

Fresh stock: XSS in NASA

###############################
# Website: http://www.nasa.gov
# Open source & NASA
# Bug: XSS
# Date: 10.02.09
#############################



Vulnerable URL: hxxp://opensource.gsfc.nasa.gov/feedback.php
POST-based XSS: any field

Click here for POST request

Fix input validation in all the fields...

Cheers,
Kish

Tuesday, January 27, 2009

NASA fixed the XSS

Well, well, well, it is that time of the day again, when a demo on NASA fails ... ;)

They fixed the bug in 3 days, which is not bad ...

Cheers,
Kish

Saturday, January 24, 2009

XSS in NASA website, again

#########################################
# Website: http://www.nasa.gov
# It's time to know more about astronauts and gravity
# Bug: XSS
# Date: 24.01.09
########################################


Vulnerable URL: hxxp://astrogravs.nasa.gov

Click here for the demo

Fix input validation in the page.

Cheers :)
Kish

Thursday, January 22, 2009

XSS in Facebook

###################################
# Website: http://www.facebook.com
# It's free and anyone can hack !
# Bug: XSS
# Date: 22.01.09
##################################


Vulnerable URL: hxxp://apps.facebook.com/skillzbase/

Click here for the XSS Demo

Fix input validation in the app

Social networking websites are targeted a lot these days, reckless filtering *shrugs*

Cheers :)
Kish

Date: 24.01.09
Update: The bug has been fixed by Facebook, Full disclosure - We believe in it !

Thursday, January 15, 2009

XSS in DMOZ Search

Advisory #1 (2009)


############################
# Website: dmoz.org
# Bug: HTML Injection, XSS
# Date: 15.01.09
###########################

Vulnerable URL: http://search.dmoz.org/cgi-bin/search?search=

Click here for a demo

Next screenshot to show the presence of XSS bug


Click here for demo

Fix input validation in these pages for better security.

Cheers,
Kish