Advertisement
Guest User

Sony Redirect+NASA XSS

a guest
Feb 15th, 2012
168
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.78 KB | None | 0 0
  1. -TeamHav0k-
  2.  
  3.  
  4. Target: Sony.net
  5.  
  6. Vulnerability: Redirect
  7.  
  8. Founder: Echelon - TeamHav0k 2nd in command
  9.  
  10. Vulnerable Link:
  11.  
  12. http://www.sony.net/cgi-bin/nph-GO.cgi?url=http://twitter.com
  13.  
  14. simply replace "http://www.twitter.com" with the link of your choice.
  15.  
  16. Information:
  17.  
  18. This vulnerability is a critical one because an attacker could have it redirect to a ripped sony phishing site and personal info will be easily obtained.
  19.  
  20.  
  21. NASA XSS:
  22.  
  23. This was found last week, a hacker by the name of "FastFive" requested the help of one of the TeamHav0k Members in figuring out if this subdomain of NASA was vulnerable to XSS or not, so with a little magic from the teams bag of XSS tricks he pulled it off finding yet another XSS in NASA.
  24.  
  25. http://spaceplace.nasa.gov/search/?q=";alert("XSS");"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement