Donate to us via Paypal!
Become the change you seek in the world. - Gandhi
Friday, April 23, 2021
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 91
Guests Online: 91
Members Online: 0

Registered Members: 135602
Newest Member: WSStreetWear17
Latest Articles

View Thread

HellBound Hackers | Computer General | Hacking in general

Author

myspace xss'ed


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-09-06 17:58
I recently have been doing research on various types of injections such as;xss,vbscript,jsscript,html injections.So I was wondering if it is possible(if so how difficult) to utilize any of these attacks against websites such as myspace,xanga,and youtube


Author

RE: myspace xss'ed


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-09-06 18:14
Youtube has a possibilty to XSS now you mention it Wink



Author

RE: myspace xss'ed


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-09-06 18:26
Most of them have XSS but there is not much you could actually do to them though as most of them will have a general protection against cookie stealing


Author

RE: myspace xss'ed

nanoymaster
Member



Posts: 119
Location: ก็็็็็็&
Joined: 20.08.05
Rank:
Wiseman
Warn Level: 30
Posted on 08-09-06 19:14
I presume you are talking about the you tube searchbox XSS


ก็็็็็็็็็็็็็็็็็็็็ กิิิิิิิิิิิิิิิิิิ ก็็็็็็็็็็็็็็็็็็็็ กิิิิิิิิิ
Ask me... ก็็็็็็็็็็็็็&# http://www.nanoy.org
Author

RE: myspace xss'ed


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-09-06 19:23
Good guess Wink

Alot of sites have this exploit though. It isn't that spectacular Pfft


Author

RE: myspace xss'ed


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-09-06 19:25
Instead of asking us, why don't u try to see if theyre vulnerable? Wink


Author

RE: myspace xss'ed


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-09-06 19:40
Good point bluemoose, though I have been,I was just trying to see if I was waisting my time.Also another site everybody needs to look at is ebaumsworld.com I've recently found an xss exploit and i'm pretty sure there's more.


Author

RE: myspace xss'ed

nanoymaster
Member



Posts: 119
Location: ก็็็็็็&
Joined: 20.08.05
Rank:
Wiseman
Warn Level: 30
Posted on 08-09-06 19:47
well since everyone is into XSS hole (personally I am bored of them) check out my list, 101 XSS holes, bugtraq wouldn't accept it so f-them... tell me what you think.
http://www.nanoy.org/50XSS.txt

*edit* BTW I have already tested for file include vulns" and I have another list for them... */edit*


ก็็็็็็็็็็็็็็็็็็็็ กิิิิิิิิิิิิิิิิิิ ก็็็็็็็็็็็็็็็็็็็็ กิิิิิิิิิ

Edited by nanoymaster on 08-09-06 19:48
Ask me... ก็็็็็็็็็็็็็&# http://www.nanoy.org
Author

RE: myspace xss'ed


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-09-06 20:11
Rofl nice collection dude!


Author

RE: myspace xss'ed


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-09-06 20:27
Hehe, nice nanoy Wink


Author

RE: myspace xss'ed


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-09-06 20:37
Ya a ton of sites I go to have XSS vulns, seems like most sites don't even know about XSS...sad lol


Author

RE: myspace xss'ed


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-09-06 20:43
There are XSS flaws in most sites, I used to have 0days for MySpace but didn't bother keeping them stored, because I don't care about myspace.

Having an XSS flaw isn't as trivial as a lot of people think, cookie stealing is only the start of what you can do.


Author

RE: myspace xss'ed

nanoymaster
Member



Posts: 119
Location: ก็็็็็็&
Joined: 20.08.05
Rank:
Wiseman
Warn Level: 30
Posted on 08-09-06 20:47
unfortunatly whiteacid thats not true I saw a while ago on HTS an articl on a keylogger you can insert for XSS there is loads you can do with it, especially if you can insert php code (it's rare but posable)


ก็็็็็็็็็็็็็็็็็็็็ กิิิิิิิิิิิิิิิิิิ ก็็็็็็็็็็็็็็็็็็็็ กิิิิิิิิิ
Ask me... ก็็็็็็็็็็็็็&# http://www.nanoy.org
Author

RE: myspace xss'ed


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-09-06 21:54
That's my point, you can steal data from password managers, you can cause people to XSS others, you can tamper with their router (if it too has flaws), you can port scan them (yes, JS can portscan).


Author

RE: myspace xss'ed


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 09-09-06 05:18
HA HA HA XSS on Myspace. Im pretty sure its possible. Ive done it before but that was before they secured their asshole up tight.

You might come across an article in 2600 about XSSing Myspace through their search engine because it used to be vulnerable. Well too late to try it because they patched that up as well.

Take my advie since ive hacked 4 myspaces already.

Wait for Myspace to be in Maintence. For some reason their scripts i guess stop working as well and a lot of simple things can slip in. Smile

Have Fun, No Malicious crap


Author

RE: myspace xss'ed


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 09-09-06 05:25
has anyone tried a cookie stealer image on myspace? idk if it would work, they probably have their cookies only accepted that one way i can't think of at the moment lol


Author

RE: myspace xss'ed


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 09-09-06 05:37
tried.. no use. and embeded src stuff wont work either.

just read above post. and do wat i say you should