XSS On Ebay.com [Архив] - Форум АНТИЧАТ

Просмотр полной версии : XSS On Ebay.com

Fugitif

07.12.2007, 00:40

I am still Fugitif and now I want to show you how can work one vulnerable XSS Alert Bug on Ebay.com.
To be more precise our link now is http://togo.ebay.com

Ok..My XSS alert can be found here http://togo.ebay.com/affiliates/create/

http://funkyimg.com/u/20862ebay_1JPG.jpg

I go to select one version and I crush above

http://funkyimg.com/u/89922ebay_2JPG.jpg

and immediately later click "I WANT THIS ONE"

In the square where asks FOR "ID" I put some string like this

"><script>alert(document.cookie)</script>

http://funkyimg.com/u/82647ebay_3JPG.jpg

and click "Browse"

http://funkyimg.com/u/36366ebay_4JPG.jpg

Now we cannot do anything else other than to use the search with our magic string

"><script>alert(document.cookie)</script>

My Result ? !

http://funkyimg.com/u/95003ebay_5JPG.jpg

That's all .... have fun ppl :D

/Fugitif

Дрэгги

07.12.2007, 01:31

And what's the exact use of all these operations?

Termin@L

07.12.2007, 03:03

Well passive XSS, but the JavaScript code is in the POST parameters, so the victim must enter the needed code by itself?
Think it's useless...

LEE_ROY

07.12.2007, 05:22

nice dude :)

Francuz

07.12.2007, 05:53

to Fugitif:
it is does not work already...

-MoLoToK-

07.12.2007, 07:15

to Fugitif:
it is does not work already...
works for me

symbioin

09.12.2007, 15:50

hmmmm. I thought ebay have safe protect :)

Francuz

09.12.2007, 15:53

works for me
really?!
what browser did u use?

Fugitif

09.12.2007, 16:08

really?!
what browser did u use?

U can try with Mozilla Firefox some string like this one:

http://togo.ebay.com/app/auctionfinder.php?query=%22%3E%3Cscript%3Ealert(do cument.cookie)%3C/script%3EE&page&seller&category=&TZ=-120&block=list

-MoLoToK-

09.12.2007, 23:28

really?!
what browser did u use?
mozilla firefox

~EviL~

10.12.2007, 00:27

What do you intend to do with this passive XSS? I don't say it's useless, but hey, be realistic people, you can hack someone very hard with a passive XSS. Correct me if I am wrong =)

VERte][

10.12.2007, 00:52

You're right but there's one useful thing called SocialEngineering =)

Fugitif

10.12.2007, 02:29

that is only a f****** small and simple example that also one of the greatest sites can be vulnerable.

I want to say ... safety doesn't exist .

~EviL~

10.12.2007, 21:35

that is only a f****** small and simple example that also one of the greatest sites can be vulnerable.

I want to say ... safety doesn't exist .

Fugitif, you are damn right! :D And what goes for the Social Engineering part, imho, I think it isn't a pure 100% hack, because you get your victim to tell you a lot about her. I don't argue, you must have a strong logic, but I am more fond of the technical side of hacking. But, hey, that's just me =)