akkiliON

Am s? fac !

Nu este acesta ! Am s? v? spun unde era când o s? repare problema.

A?tept un r?spuns. Mersi !

# Exploit: paypal-*.* - Full Path Disclosure + SQL Error (Reported) # Author: akkiliON # Status: Waiting for an response # PoC:

Felicit?ri

Just a child !

# Exploit: where.com - Cross-Site-Scripting Reflected # Author: akkiliON # URL Link: https://where.com/ # Status: Waiting for an response # PoC:

Am primit un mesaj ca e duplicate !

https://www.paypal.com/us/webapps/mpp/security-tools/reporting-security-issues

Am mai gasit inca 2 xss-uri dar intr-un alt site ( tot de paypal apartine ).

# Exploit: *.zong.com - Cross-Site-Scripting Reflected # Author: akkiliON # URL Link: https://zong.com/ # Status: Waiting for an response # PoC:

Cisco Meraki | Meraki | Security, Reliability, and Privacy security@meraki.com Daca ai trimis la acest email un mesaj e bun

Dau si pentru XSS-uri ! O sa ai mult de asteptat ... pana iti raspund ! Daca a trecut o luna o sa primesti curand un mesaj.

Sincer nu )

Salut tuturor, am creat acest topic cu scopul de a va informa ca am gasit o vulnerabilitate (Information Leakage) in Cisco Meraki si am primit un reward (bani), dar nu e o suma asa grozava Mai mult am deschis topic-ul sa va informez, daca gasiti vreodata la ei ceva o sa asteptati foarte mult dupa un raspuns. Vulnerabilitatea am gasit-o in data de 16 aprilie 2013, iar astazi am primit ca vor sa ma rasplateasca cu o recompensa de 200 $

Computer geeks already knew it was possible to hack into a car's computerized systems and finally, two U.S. hackers - Charlie Miller and Chris Valasek, sponsored by the Pentagon's research facility DARPA recently demonstrated just how easy it is for malicious hackers to physically hijack a modern car using a laptop. Feeling exiting ... ? You should worry too..It's all very concerning. Because you may never drive your car again after you see how a couple of government funded tech guys were able to hack into, and take control of car’s steering, dashboard, and even its brakes. Forget hacking accounts, computers or mobile devices, this new threat to our vehicles is thanks to the evolution of electronic control units being installed in most new cars. Charlie Miller, a security engineer at Twitter, and Chris Valasek, the Director of Security Intelligence at IOActive received an $80,000 grant from the US government in order to research these new vulnerabilities. By connecting an Apple MacBook to the car's OBD-II (On-Board Diagnostic System) port below the dashboard, they were able to trigger a series of minor and major events that could annoy drivers at best and cause a serious accident at worst. Minor hacks included manipulation of the car's fuel gauge and speedometer, triggering the seatbelt pre-tensioners and sounding the horn. A video of their demonstration from Forbes, shows them using their electronic access to disconnect brakes, scramble a speedometer, wobble a steering wheel and blast a horn, inside a 2010 model Ford Escape and Toyota Prius. That study showed that the engine control devices initially designed for pollution reduction had been integrated into other aspects of a car's functioning and diagnostics. But security research is notoriously difficult; the fact that Toyota’s engineers haven't found any security vulnerabilities doesn’t mean there aren't any. Hackers Demonstrate Car Hacking using a laptop - The Hacker News

Lol ! Mai am unul si trebuie sa astept raspuns. 22 zile ... am asteptat dupa asta... si acuma astept dupa urmatorul .... cel reflected !

sectiunea offtopic este pentru topicurile care au legatura cu securitatea/informatica dar nu se incadreaza in categoriile deja existente, sectiunea offtopic nu este pentru altceva decat ceea ce am specificat mare si clar mai devreme, orice alt continut la categoria offtopic care nu respecta acea regula va fi mutat la gunoi iar cel care a facut topicul va primi ban/warn dupa caz.

Cite?te regulamentul !

# Exploit: Bing.com - Cross-Site-Scripting Persistent # Author: akkiliON # Status: Waiting for an response # PoC:

Platesti tu mai mult decat bug bounty-ul lor ?

A?tept de 13 zile pt 2 xss-uri ?i nici nu m? bag? în seam?. Tot îmi zic c? e in stare de prezentare. Le-am g?sit în Paypal. ON: Bravo.

Am g?sit un cadou ce l-am primit de la ei. Yahoo! LED Carabiner Light

OFF:

Sigur care au primit reward nu cred c? au fost pe ni?te XSS-uri sau altele mai minore. Acum nu ?tiu ce s? spun. Dar majoritatea ?i-au luat ?eap?. Iar eu zic c? nu se merit? dac? mult? lume se plânge c? nu au primit nimic. Î?i pierzi timpul cu ei.