Active Members akkiliON Posted May 16, 2013 Active Members Report Share Posted May 16, 2013 (edited) M-am gandit sa fac un mic challenge si sa ofer un premiu ! ( Nu am ceva mai bun sa va dau )# Target: Swingnote # Vulnerabilitate: XSS Reflected # Proof: http://img694.imageshack.us/img694/132/challengexss.jpg # Camp vulnerabil: String Reguli: Primul care imi trimite rezolvarea, prin P.M, va castiga un cont de steam cu urmatoarele jocuri:- Counter-Strike- Counter-Strike: Condition Zero- Counter-Strike: Condition Zero Deleted ScenesPoate va intrebati de ce am cenzurat atat ! Daca rezolvati acest challenge o sa va vedeti de ce Daca un moderator doreste o dovada, ca acest site este vulnerabil, P.M si am sa va raspund !Cand trimiteti rezolvarea vreau sa vad si ce vector ati folosit !Succes !// Am uitat ceva ! Fac si o lista cu cei care au rezolvat acest challenge, care nu au primit nici un premiu !Solvers- TheTime- Sega- danyweb09- gafi- cemama- Hertz----Closed ! Edited May 17, 2013 by akkiliON Link to comment Share on other sites More sharing options...
TheTime Posted May 16, 2013 Report Share Posted May 16, 2013 (edited) Works great on firefox.imgNu doresc contul de steam. Baieti, bagati mare, inca mai aveti sanse. Edited May 16, 2013 by TheTime 1 Link to comment Share on other sites More sharing options...
Active Members akkiliON Posted May 16, 2013 Author Active Members Report Share Posted May 16, 2013 (edited) Primul a fost TheTime si a castigat un cont de steam ! Felicitari !Am sa mai fac challenge-uri cu alte premii in curand ! // EDIT: Se pare ca numai doreste contul de steam ... dar are un loc in lista cu solvers ! Urmatorul care rezolva e al lui contul ! Bafta Edited May 16, 2013 by akkiliON Link to comment Share on other sites More sharing options...
Sega Posted May 16, 2013 Report Share Posted May 16, 2013 (edited) Nu am nevoie de steam.Deci, prize-ul e inca available pentru urmatorul ce rezolva challenge-ul. Edited May 16, 2013 by Sega 1 Link to comment Share on other sites More sharing options...
Active Members akkiliON Posted May 16, 2013 Author Active Members Report Share Posted May 16, 2013 Felicitari Sega ! Se pare ca nici Sega nu doreste contul de steam ! Inca il mai am ! Urmatorul care va rezolva va avea contul de steam daca il doreste ! Link to comment Share on other sites More sharing options...
Active Members dancezar Posted May 16, 2013 Active Members Report Share Posted May 16, 2013 ImageShacknu joc counter.poate e altcineva interesat 1 Link to comment Share on other sites More sharing options...
yoyois Posted May 16, 2013 Report Share Posted May 16, 2013 deja sunt 3.E ceva in javascript, nu?Pacar ca sunt pe mobil... Link to comment Share on other sites More sharing options...
Active Members dancezar Posted May 16, 2013 Active Members Report Share Posted May 16, 2013 Da ma sta e si scopul unui xss sa executi un javascript in site.Apropo mai ai timp daca vrei sa castigi contul de counter nu este dat inca. Link to comment Share on other sites More sharing options...
gafi Posted May 16, 2013 Report Share Posted May 16, 2013 Nu vreau contu de steam 1 Link to comment Share on other sites More sharing options...
K1d0r3L Posted May 16, 2013 Report Share Posted May 16, 2013 Poate puneti si voi rezolvarea aici dupa ce se termina ... am incercat si eu dar nu am reusit Link to comment Share on other sites More sharing options...
dekeeu Posted May 16, 2013 Report Share Posted May 16, 2013 Poate puneti si voi rezolvarea aici dupa ce se termina ... am incercat si eu dar nu am reusit Daca te uiti bine pe aici gasesti si vectorul .. Link to comment Share on other sites More sharing options...
aaa1 Posted May 16, 2013 Report Share Posted May 16, 2013 puneti la urma si rezolvarea ca sa invete si altii si data viitoare vor fi mai multi competitori... Link to comment Share on other sites More sharing options...
cemama Posted May 17, 2013 Report Share Posted May 17, 2013 daca nu l-a luat nimeni , il iau eu Link to comment Share on other sites More sharing options...
Hertz Posted May 17, 2013 Report Share Posted May 17, 2013 Pentru invatacei:' onmouseover=javascript:alert(1); onload=' Link to comment Share on other sites More sharing options...
yoyois Posted May 17, 2013 Report Share Posted May 17, 2013 FUCK!!! Am fost pacalit de sistemul android .Nu credeam ca se poate injecta asa (fiind pe telefon) Link to comment Share on other sites More sharing options...
Active Members akkiliON Posted May 17, 2013 Author Active Members Report Share Posted May 17, 2013 (edited) Pentru invatacei:' onmouseover=javascript:alert(1); onload='Multumesc ! Ai facut o treaba "buna" !De ce nu lasi si pe altii sa rezolve acest challenge ? Am vrut sa vad cati de aici rezolva acest challenge !Am facut mai mult acest challenge cu scopul de a atrage cati mai multi concurenti care sunt incepatori in acest domeniu ! Iar rezolvarea o puneam pana cand primii 10 rezolvau acest challenge !Poate asa invatau si ei ceva ! Daca tot ai rezolvat puteai frumos sa imi dai un P.M cu rezolvarea !Sper ca pe viitor sa numai faci prostia asta ! Multumesc ON:Felicitari tuturor care au participat !Se pare ca premiul va fi acordat lui cemama ! danyweb09 si gafi se pare ca nu au dorit acest premiu !// cemama ai P.M ! Edited May 17, 2013 by akkiliON Link to comment Share on other sites More sharing options...