RAJAKADAL FORUM - Tempat Berbagi Info, Ilmu dan Diskusi
 
IndeksIndeks  PortalPortal  PencarianPencarian  PendaftaranPendaftaran  Login  

Share | 
 

 Google Code site XSS Vulnerable

Topik sebelumnya Topik selanjutnya Go down 
PengirimMessage
RajaKadal
Admin Jancok
Admin Jancok


Jumlah posting : 532
Join date : 14.08.10
Age : 31
Lokasi : Depan Si Kokom

PostSubyek: Google Code site XSS Vulnerable   Fri 16 Dec - 15:35

This vulnerability is claimed to be discovered by two people- Vansh Sharma & Vaibhuv Sharma. Previously, critical SQL Injection vulnerability was found in Google labs website by Shadman Tanjim of Bangladesh Cyber Army last June. It is expected that Google will quickly fix all these bugs to secure themselves better. 8)


POC :

1. Go to [You must be registered and logged in to see this link.]

2. Edit HTML -> Remove All Codes

3. Type this script : <img src="<img src=search"/onerror=alert("XSS_Kadal")//"> then click DEBUG CODE

4. Then first it will show you "Sample must have <head> element" click OK and wait for the window to load if nothing happen then try the same thing again or simply you can click on RUN CODE

5. You will get a popup which is XSS. :o

Note :
Spoiler:
 

source from hackforum.net 8)

_________________
Kembali Ke Atas Go down
http://red-creatives.com
 

Google Code site XSS Vulnerable

Topik sebelumnya Topik selanjutnya Kembali Ke Atas 

 Similar topics

-
» Hanya Sebuah Kalimat Sederhana
» Surabaya dan sekitarnya...............................
» film detective
» JUAL LAHAN PERKEBUNAN DAN PERIKANAN DI PERBATASAN CIPANAS CIANJUR (TAPAL KUDA)
» [WTS] Paddock Ninja 250 CC
Halaman 1 dari 1

Permissions in this forum:Anda tidak dapat menjawab topik
RajaKadal Forum :: Kadal In Your Computer-
Navigasi: