Active Members dancezar Posted June 21, 2013 Active Members Report Share Posted June 21, 2013 (edited) Exploit:Cross site scriptingMethod:GETTested on:--Primul:-Firefox-chrome-safari--Al doilea:-Firefox-chrome-safari-operaPOC 1:View image: xss adobePOC 2:View image: xss adobe2 copyAmbele merg pe Chrome.Sunt pe subdomenii diferiteStatus:raportate am primit un email de feedback Edited June 21, 2013 by danyweb09 1 Quote Link to comment Share on other sites More sharing options...
qwerty12 Posted June 22, 2013 Report Share Posted June 22, 2013 si eu am raportat unul acum 1 luna:D Quote Link to comment Share on other sites More sharing options...
Mynikka Posted June 22, 2013 Report Share Posted June 22, 2013 danyweb09 you need to stop this pretentious bullshit.You cannot bypass chrome (on non-persistent xss), you just disable the xss filter and pretend you're some l33t hax0r.Prove you can bypass it, i will pay you 450$ (escrow). Quote Link to comment Share on other sites More sharing options...
Active Members dancezar Posted June 22, 2013 Author Active Members Report Share Posted June 22, 2013 (edited) danyweb09 you need to stop this pretentious bullshit.You cannot bypass chrome (on non-persistent xss), you just disable the xss filter and pretend you're some l33t hax0r.Prove you can bypass it, i will pay you 450$ (escrow).I'cant bypass the xss filter from chrome.But in some condition is works here i have 2 exemple:<?phpecho $_GET['c'];?>and the url :site.com/script.php?c=<script>alert(1)</script>This is not passableBut propose this script:<script>var test="<?php echo $_GET['c']; ?>";//the rest of the javascript code</script>this vector can bypass the xss auditor from chrome:";alert(1);// or ";alert(1);a="1Test it on your localhost.I did dont say i can bypass the xss auditor i say "Its work on google chrome"Sory for my bad english.//edit the xss filter from IE 8 is more good than xss auditor from chrome Edited June 22, 2013 by danyweb09 Quote Link to comment Share on other sites More sharing options...
Mynikka Posted June 22, 2013 Report Share Posted June 22, 2013 I'cant bypass the xss filter from chrome.But in some condition is works here i have 2 exemple:<?phpecho $_GET['c'];?>and the url :site.com/script.php?c=<script>alert(1)</script>This is not passableBut propose this script:<script>var test="<?php echo $_GET['c']; ?>";//the rest of the javascript code</script>this vector can bypass the xss auditor from chrome:";alert(1);// or ";alert(1);a="1Test it on your localhost.I did dont say i can bypass the xss auditor i say "Its work on google chrome"Sory for my bad english.//edit the xss filter from IE 8 is more good than xss auditor from chromeOk at least you're honest.The xss filter on chrome only protects against non-persistent and can be truly bypassed when there are 2 get variables.I've yet to see an xss vector that works against latest chrome version with 1 get variable. Quote Link to comment Share on other sites More sharing options...
qwerty12 Posted June 30, 2013 Report Share Posted June 30, 2013 Sper sa iti dea Hof! Quote Link to comment Share on other sites More sharing options...
Active Members dancezar Posted October 31, 2013 Author Active Members Report Share Posted October 31, 2013 Vurnerabilitatile au fost reparate si ieri seara am fost trecut pe Security Acknowledgments .Linkurile vurnerabile erau 1. https://kuler.adobe.com/%3Cscript%3Ealert%281%29%3C%2Fscript%3E-art-colors/ (Pentru asta am primit HOF)2. Adobe Education Exchange (A fost dublicate,raportat de Nacks inainte)Am uitat sa le fac poze necenzurate da se obeserva clar din pozele de mai sus ca acestea erau paginile.Ambele functionau pe chrome , primul desi vectorul era <script>alert(1)</script> functiona pe chrome deoarece era DOOM.Am trecut rstforums.com acolo pentru ca nu l-am vazut decat pe Dragos trecut cu rstforums.Desi dureaza mult pana le repara merita asteptarea. Quote Link to comment Share on other sites More sharing options...
dekeeu Posted October 31, 2013 Report Share Posted October 31, 2013 (edited) Ala din edex e cel de aici pe care l-am raportat eu pe 7 mai : https://rstforums.com/forum/68976-xss-adobe.rst .Acum o saptamana am vazut ca era fixat si i-am intrebat care-i treaba si mi-au raspuns ca inca trebuie revizuit . Edited October 31, 2013 by dekeeu Quote Link to comment Share on other sites More sharing options...
Active Members dancezar Posted October 31, 2013 Author Active Members Report Share Posted October 31, 2013 Ala din edex e cel de aici pe care l-am raportat eu pe 7 mai : https://rstforums.com/forum/68976-xss-adobe.rst .Acum o saptamana am vazut ca era fixat si i-am intrebat care-i treaba si mi-au raspuns ca inca trebuie revizuit . Ratati, nu ma mir de ce hacerii au facut publica baza lor de date .Poti sa ii intrebi daca cineva l-a raportat inaintea ta poate de asta:-/ Trebuie sa ai rabdare cu ei:) florindark a primit HOF dupa un an deci... eu ma mir cum au reusit sa il repare pe ala doom dupa 4 luni:)) eu ma asteptam sa primesc HOF la anu Quote Link to comment Share on other sites More sharing options...
