[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200307220932.h6M9WM9b020947@mailserver2.hushmail.com>
From: dnv at hushmail.com (dnv@...hmail.com)
Subject: exploitlabs.com XSS hole someone better beware!
Vunerability(s):
----------------
1. Remote / Local XSS SCRIPT EXECUTION!!
Product:
--------
super cool script by moroning_wood, my m3nt0r in teh XSS style!!
Description of product:
-----------------------
no need for description!! mornining_wood is world renowned XSS pioneer
ninja all world know that!
VUNERABILITY / EXPLOIT
======================
NO NEED to rip other peoples code this time, this can be done with a
browser,
i tested with mozilla iexplore 3/4/5/6 and oppera i like oppera.
http://exploitlabs.com/thecore/?<script>alert('document.location')</script>
-------------------------------^^^^^^^^^^^^XSS STYLE! MORONING_WOOD TEACH
ME!!!
Local:
------
yes ai run from our kompanie webserver!
Remote:
-------
yes a lot!
Vendor Fix:
-----------
No fix on 0day besides this is too cool to fix i like practicing on moroning_wood
server!!
Vendor Contact:
---------------
no because donnie weiner is sleeping and he taught me all XSS i know
so he must know himself.
Credits:
--------
DNV
dnv@...hmail.com
http://www.ibeatmymeat.dk
remember again all you people I AM THE BEST HACKER IN DENMARK!!! AND
YES TCPDUMB I WAS AT CCC YOU JUST NOT KNOW ME BECAUSE I HIDE UNDERCOVER
LIKE reaL HaCkERS!
http://exploitlabs.com/thecore/?<script>alert('document.location')</script>
Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2
Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434
Promote security and make money with the Hushmail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427
Powered by blists - more mailing lists