Sunday, March 30, 2008

Frame Redirection in India.gov.in


###################################
# Website: http://www.india.gov.in
# Bug: Frame Redirection
# Date: 30.03.08
##################################

Vulnerable URL: hxxp://india.gov.in/outerwin.htm

Click here for frame redirect demo

Cheers :)
Kish
Posted by at No comments:
Labels: , , , , , , ,

Thursday, March 27, 2008

XSS in NASA website

Advisory #1 (2008)

#############################
# Website: www.nasa.gov
# Bug: XSS - Cross Site Scripting
# Date: 25.03.08
#############################

Vulnerable URL: hxxp://search.nasa.gov/search/search

Click here for demo (XSS)

Fix: Validate input correctly for each and every dynamic parameter on the page. Also check the ISAPI filters, for we're still out here and looking ...

Cheers :)
Kish
Posted by at No comments:
Labels: , , , , , , , ,

Friday, March 21, 2008

Blog Intro

Hi guys,

Introducing (IN)secure Times blog, a project from the makers of Crimemachine.This blog is going to serve as dumping space for new bugs, especially throwaway bugs such as XSS, SQL Injection, Remote File Includes, and other types of web based bugs which are ***very very dangerous***

Only time will tell how insecure the world is ... ;)

*Coughs*

Kish !
Posted by at No comments:
Labels: , , , ,
Subscribe to: Posts (Atom)