Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] XSS in rapidshare.de

from [ad@heapoverflow.com] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] XSS in rapidshare.de
Date: Sun, 29 Jan 2006 14:32:49 +0100 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
Mbyte Security wrote:

I found another vulnerability in your brain


People dont have to search a lot to find a heapoverflow in yours

http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-11/0124.html

Mbyte Security wrote:

I found another vulnerability in your brain ...  This vulnerability
 makes you to look like a cock sucker... no patch is available (you
 know... there is no patch for huma stupidity)

"®.....Now I Am Become Death....The Destroyer Of Worlds....©"
----> LOL retard

definitedly you need to buy some friends and maybe a new life ...

ramadam team


On 1/29/06, *(M.o.H.a.J.a.L.i)* <mohajali2k4@gmail.com
<mailto:mohajali2k4@gmail.com>> wrote:

Hello All..

i found an XSS vulnerability in the widely known file hosting
company : http://rapidshare.de

The Vulnerability is in the premium members area:
https://ssl.rapidshare.de/cgi-bin/premiumzone.cgi

and it goes like this:
https://ssl.rapidshare.de/cgi-bin/premiumzone.cgi?login=XSSHERE&password=anything



https://ssl.rapidshare.de/cgi-bin/premiumzone.cgi?login=<script>alert("XSS%20IN%20RAPIDSHARE%20BY%20MOHAJALI");</script>&password=anything

<https://ssl.rapidshare.de/cgi-bin/premiumzone.cgi?login=%3Cscript%3Ealert%28%22XSS%20IN%20RAPIDSHARE%20BY%20MOHAJALI%22%29;%3C/script%3E&password=anything>




http://mohajali.lezr.org

Salam -- ®.....Now I Am Become Death....The Destroyer Of
Worlds....©

_______________________________________________ Full-Disclosure -
We believe in it. Charter:
http://lists.grok.org.uk/full-disclosure-charter.html Hosted and
sponsored by Secunia - http://secunia.com/




-- Megabyte http://mbytesecurity.org El Dios de la Red Saludos a mi
zorra Pandora, que me pone cuernos Zeus,Cairo,Redpoint,x0p0x and
all lame band

Visiten my blog de looser bastardo!!!
http://blogs.cjb.net/mbytesecurity/

----------------------------------------------------------------------


_______________________________________________ Full-Disclosure -
We believe in it. Charter:
http://lists.grok.org.uk/full-disclosure-charter.html Hosted and
sponsored by Secunia - http://secunia.com/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
 
iQIVAwUBQ9zEAK+LRXunxpxfAQJYWRAAvawLSWsw4Xn/Ve+Y5tq6iOl/7zEYn8lF
r/U1KzLIto3rmEGwzxFIoySMlPfJYqXEUgC+/YoWYCEUQIu5gmVrQmwDePlrhqXR
n8icGhMv3e6/ocAhztjb+VWscmVAXO1d1OGtxaaAARf7rkoG4mlLRybMMCx3jWSk
Xn0kbzxyv34RgUEnOhioZWL+kUo96GxI0pdCmu3NZ86FBM+/cazKqJ1mZYaa2u9z
ZoFA8a/pyJYJBFZweyg+L3gbsOD1ur6bZfyy5/3x5GmlTPtH3kjRpr6ciGBtfiJu
6WdJgsY7n1JbgrG/qBEHNwSo+Woh0xvsyIScYjRTyAIIhs4EMxZ9CIXJH/8C81o9
QMa753QASYfVy1u+AKL6nXYdZmhNeoymeD0VGUEi/DstJltp7UgFvrTdCNiwW6k3
BQ1YZRmbsvs7oYiGwnR4+i8tWChHW5dLCd72h2wAXG6GTqNPTkHGt/0qLtzv6LMh
BU9ZSQe4yGtcSEp4hk0qBvJtPZsbuJW/uqyIaXjbR/lybmaT1S3A2ubtmTWxdham
b8eCtaE2mQGQ9AnqMVgi5caRz3BpQChei78e79pxWDKDnN4pyBguKD12J2b4Ekok
PqxUsqDqqWMmb1URKB7yTgyYYgfQc9mbX+7a6R87Ph8RJsn6Nfh7RlSOVZ2ZDV0M
6G7qMEen2cw=
=WgSg
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-disclosure] Cross Site Cooking, Michal Zalewski
Next by Date:  [Full-disclosure] [ GLSA 200601-14 ] LibAST: Privilege escalation, Sune Kloppenborg Jeppesen
Previous by Thread:  Re: [Full-disclosure] XSS in rapidshare.de, Mbyte Security
Next by Thread:  [Full-disclosure] Re: XSS in rapidshare.de, (M.o.H.a.J.a.L.i)
Indexes:  [Date] [Thread] [Top] [All Lists]