Full Disclosure mailing list archives
exploitlabs.com XSS hole someone better beware!
From: <dnv () hushmail com>
Date: Tue, 22 Jul 2003 02:32:22 -0700
Vunerability(s): ---------------- 1. Remote / Local XSS SCRIPT EXECUTION!! Product: -------- super cool script by moroning_wood, my m3nt0r in teh XSS style!! Description of product: ----------------------- no need for description!! mornining_wood is world renowned XSS pioneer ninja all world know that! VUNERABILITY / EXPLOIT ====================== NO NEED to rip other peoples code this time, this can be done with a browser, i tested with mozilla iexplore 3/4/5/6 and oppera i like oppera. http://exploitlabs.com/thecore/?<script>alert('document.location')</script> -------------------------------^^^^^^^^^^^^XSS STYLE! MORONING_WOOD TEACH ME!!! Local: ------ yes ai run from our kompanie webserver! Remote: ------- yes a lot! Vendor Fix: ----------- No fix on 0day besides this is too cool to fix i like practicing on moroning_wood server!! Vendor Contact: --------------- no because donnie weiner is sleeping and he taught me all XSS i know so he must know himself. Credits: -------- DNV dnv () hushmail com http://www.ibeatmymeat.dk remember again all you people I AM THE BEST HACKER IN DENMARK!!! AND YES TCPDUMB I WAS AT CCC YOU JUST NOT KNOW ME BECAUSE I HIDE UNDERCOVER LIKE reaL HaCkERS! http://exploitlabs.com/thecore/?<script>alert('document.location')</script> Concerned about your privacy? Follow this link to get FREE encrypted email: https://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger https://www.hushmail.com/services.php?subloc=messenger&l=434 Promote security and make money with the Hushmail Affiliate Program: https://www.hushmail.com/about.php?subloc=affiliate&l=427 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- exploitlabs.com XSS hole someone better beware! dnv (Jul 22)