
Re: [Full-disclosure] Vulnerability-lab.com XSS



On Fri, Feb 3, 2012 at 4:21 PM, Luis Santana <hacktalk@xxxxxxxxxxxx> wrote:

> Earlier today I tried to contact the people over at
> http://vulnerability-lab.com about an XSS vulnerability I found on their
> site (ironic) but it appears they want nothing to do with me. Praise
> Full-Disclosure.
>
> [image: Vulnerability-lab.com XSS - HackTalk Security] http://i.imgur.com/CripA.jpg
>
> The Irony Of A Site For Disclosing Site Being Itself Vuln To Something So
> Trivial
>
>
>
> Basically I tried to report this issue to them through a private message
> on YouTube and then a follow request on Twitter (so I could DM them) but to
> no avail. Eventually rem0ve joined freenode and messaged me and told me he
> didn’t want to be cooperative with me or even be friendly. Sometimes being
> a prick just makes you look like an idiot.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Judging from the screenshot, it seems to be a reflected XSS through the
User-Agent field.
I would be curious how this could be exploited from the client side, as you
can't manipulate other visitors' User-Agent header.
Of course if the User-Agent is logged and the admin area which displays the
logs has the same defect, then this is a different story.

-- 
Ferenc Kovács
@Tyr43l - http://tyrael.hu
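
The case raised in the reply above, where the User-Agent is logged and later displayed in an admin area, shown from the defending side as an added example that is not part of the original thread. It assumes logs in Apache/nginx Combined Log Format; the function names and the sample log lines are constructed for illustration.

```python
import html
import re

# Combined Log Format: the last two quoted fields are Referer and User-Agent.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<agent>.*)"$'
)

# Constructed sample lines: one ordinary client, one whose User-Agent
# header carries HTML markup instead of a browser string.
SAMPLE_LOG = [
    '203.0.113.7 - - [03/Feb/2012:16:21:00 +0000] "GET / HTTP/1.1" 200 512 '
    '"-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '203.0.113.9 - - [03/Feb/2012:16:22:10 +0000] "GET / HTTP/1.1" 200 512 '
    '"-" "<script>alert(1)</script>"',
]


def parse_line(line):
    """Return the log fields as a dict, or None if the line does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def render_row_unsafe(entry):
    # Vulnerable pattern: the logged header is concatenated into HTML as-is,
    # so markup stored in the log runs in the admin's browser.
    return "<tr><td>" + entry["ip"] + "</td><td>" + entry["agent"] + "</td></tr>"


def render_row(entry):
    # Hardened: every logged field is escaped for the HTML text context.
    cells = (entry["ip"], entry["time"], entry["request"], entry["agent"])
    tds = "".join(f"<td>{html.escape(c, quote=True)}</td>" for c in cells)
    return "<tr>" + tds + "</tr>"


def render_log_table(lines):
    """Render parsed log lines as an HTML table, skipping unparsable lines."""
    rows = [render_row(e) for e in map(parse_line, lines) if e]
    return "<table>\n" + "\n".join(rows) + "\n</table>"


if __name__ == "__main__":
    print(render_log_table(SAMPLE_LOG))
```
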