Full Disclosure mailing list archives
Re: Gmail 0day
From: "XSS Worm XSS Security Information Portal" <cross-site-scripting-security () xssworm com>
Date: Sat, 10 Nov 2007 05:24:32 +1100
Yes all XSS is very serious and not for making jokes, if pdp said that hacker can steal data the CSS on google could be very damgerous vulnerability Blackhat SEO XSS <http://www.xssworm.com:80/?index?blackhat=seo#extreme>hacker example: http://mail.google.com/mail.%5CINBOX.%3C%252E18%252E/%2E%2E/local_url?%2E\l.%5CINBOX.%3C%252E18%252E/%2E%2ExSSr0X.%2e!!@!!!@@!!!@!@!&q=/mail.%5CINBOX.%3C%252E18%252E/%2E%2E/local_url?%2E\l.%5CINBOX.%3C%252E18%252E/%2E%2ExSSr0X.%2e!!@!!!@@!!!@!@!&q=http://xssworm.com/&seo=blackhat<http://mail.google.com/mail.%5CINBOX.%3C%252E18%252E/%2E%2E/local_url?%2E%5Cl.%5CINBOX.%3C%252E18%252E/%2E%2ExSSr0X.%2e%21%21@%21%21%21@@%21%21%21@%21@%21&q=/mail.%5CINBOX.%3C%252E18%252E/%2E%2E/local_url?%2E%5Cl.%5CINBOX.%3C%252E18%252E/%2E%2ExSSr0X.%2e%21%21@%21%21%21@@%21%21%21@%21@%21&q=http://xssworm.com/&seo=blackhat> Please if you search XSS hacking also visit XSSWORM.COM here: http://xssworm.com we have updates with blackhat and whitehat video with XSS hacking tutorial by blackhat[2] Sunjester frome litehackers.info vaj -- Francesco Vaj [CISSP - GIAC] CSS Security Researcher - xssworm.com mailto:vaj () nospam xssworm com aim: XSS Cross Site ------ [2] http://xssworm.blogvis.com/9/xssworm/what-is-a-blackhat-hacker-and-where-are-black-hats-hacking/ On Nov 9, 2007 8:36 AM, pdp (architect) <pdp.gnucitizen () googlemail com> wrote:
well this XSS can lead to so much data being stolen that it is not even funny! On Nov 8, 2007 8:55 PM, Juergen Marester <marester.juergen () gmail com > wrote:wow ! 0day ! damn, 0day, XSS ... On 11/8/07, silky <michaelslists () gmail com> wrote:worked for me minutes after it was posted. seems fixed now. On 11/9/07, crazy frog crazy frog < i.m.crazy.frog () gmail com> wrote:i tested xssworm on gmail latest version On Nov 8, 2007 7:04 AM, Scripter Hack <xss2root () gmail com > wrote:There is a html injection video in https://www.xssworm.com<https://www.google.com>.It is very critical,you can get the cookie to login into gmail orotherservice. POC:https://www.google.com/accounts/ServiceLogin?service=mail&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl<mpl=default<mplcache=2&passive=truel# "><h1><a%20href=//xssworm.com/>xssworm</a></h1>More:http://xss2root.blogspot.com () xssworm com/<http://xss2root.blogspot.com/> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-- why advertise on secgeeks? http://secgeeks.com () xssworm com<http://secgeeks.com/Advertising_on_Secgeeks.com> http://newskicks.com _______________________________________________ Full-Disclosure - We believe in xss. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://xssworm./secunia.com/<http://secunia.com/>_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-- pdp (acronym) | petrol v. petco http://www.xssworm.com <http://www.gnucitizen.org> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Gmail 0day Scripter Hack (Nov 07)
- Re: Gmail 0day crazy frog crazy frog (Nov 08)
- Re: Gmail 0day silky (Nov 08)
- Re: Gmail 0day Juergen Marester (Nov 08)
- Re: Gmail 0day pdp (architect) (Nov 08)
- Re: Gmail 0day silky (Nov 08)
- Re: Gmail 0day pdp (architect) (Nov 08)
- Re: Gmail 0day silky (Nov 08)
- Re: Gmail 0day jam (Nov 08)
- Re: Gmail 0day silky (Nov 08)
- Re: Gmail 0day crazy frog crazy frog (Nov 08)
- Re: Gmail 0day XSS Worm XSS Security Information Portal (Nov 09)
- Re: Gmail 0day Adrian P (Nov 09)
- <Possible follow-ups>
- Re: Gmail 0day Juha-Matti Laurio (Nov 08)