Jump to content
dancezar

[HOF] apple.com

By dancezar, in Bug Bounty

Recommended Posts

  • Active Members
dancezar Newbie

dancezar

Posted
  • Active Members
Posted

Am raportat un xss in domeniul store.apple.com prin aprilie asa nu imi mai amintesc sigur si abea acum 1 ora am primit raspun ca m-au adaugat in HOF.

Scriptul vurnerabil era acesta


var addSBTag =  /(iPhone|iPod).*OS.*AppleWebKit.*Mobile.*Safari/.test(navigator.userAgent);
		if (addSBTag) {
			var headNode = document.getElementsByTagName("head")[0];
			var sbNode = document.createElement('meta');
			sbNode.name = 'apple-itunes-app';
			sbNode.content = 'app-id=375380948, app-argument=http:\/\/store.apple.com\/us\/ipod\/ipod-accessories\/apple-tv?test123';
			headNode.appendChild(sbNode);
		}

iar locul vurn era unde apare acolo test123 iar daca bagai la orice pagina din subdomeniu asta, urmatorul vector :';}else if(1==1){alert(1)}// sarea alertu pe toate browserele inafara de firefox si IE

Parca l-am postat si pe rst tot atunci.

Apple Web Server notifications

  • Upvote 1
danger2u Newbie

danger2u

Posted
Posted

2013-06-12 support.apple.com

A reflected cross-site scripting issue was addressed. We would like to acknowledge Florin, Jeison Maldonado, Rubén Díaz Alonso (@outime) of Rubutek, J. Francisco Bolívar of (https://www.linkedin.com/in/jfbolivar), Yasir Altaf Zargar of MaDLeeTs | Anti Hackers & Hacking | Learn Security | Learn To Protect Your Self From Hackers |, Mike Czumak of Security Sift | Sifting through the world of Information Security, one bit at a time, Ajinkya Patil (@5nak3Eyes) of Avsecurity.in, Dragos Scarlatescu of the Romanian Security Team, Horatau Marius & Darius Petrescu of Romanian Security Team (www.rstforums.com), Dawid Ba?ut, Tarek Siddiki of Team Haxorsistz, Greg Wroblewski of Microsoft and MSVR, Umer Shakil of (twitter.com/umer_djzz), and Danish Tariq, Noman Ramzan and Ali hassan for reporting this issue.

ce cool e sa vezi numele Rst pe Apple.com :))

  • Active Members
dancezar Newbie

dancezar

Posted
  • Author
  • Active Members
Posted

Acolo este xss lui akkilion al meu era in store:


2013-06-24 store.apple.com

A reflected cross-site scripting issue was addressed. We would like to acknowledge Stefan Schurtz of darksecurity.de, David Hoyt of Hoyt LLC Research, Pobereznicenco Dan of rstforums.com, and Danalachi Sergiu for reporting this issue.

Au mai raportat 3 persoane inafara de mine xss-u si asta imi place la hall of fame-ul lor daca mai multe persoane au gasit acelasi xss ii trece pe toti acolo la ei nu exista dublicate

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...