Email Techs

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Thursday, 14 January 2010

2 New Interesting Xss This Week

Posted on 05:19 by Unknown

This Week some of the genius hackers have found some really cool XSS vectors and which i want to introduce to you. These are some which are currently Unpatched and are Hot to use.

 

2 New Interesting Xss This Week

 

Lets see if you guys like them, these are basically good ones and would be useful to you. as i have tested them on some browsers and was found to be working when they were released...

 

IE8 XSS Filter Distorting Facebook

The First one is from Michael Coates, he have written this Facebook Xss in his blog post which is based on IE8, and which is currently Unpatched too. A Hacker can Code a malicious link and send this to the Victim.

 

He also said this haven't been disabled by the facebook security guys and is prone to attack. This provided a great example on the effects of the IE8 XSS filter. He have also written in his previous post about this attack.

 

 IE8_facebook

 

He also have given this screenshot for the demo of the attack and the malicious Link :

http://www.facebook.com/search/?ref=search&q=IE8%3Cscript%3E&init=quick

 

 

Google Maps XSS

google_maps1Discovered by two Indians this vulnerability hit the charts on twitter and was awesome, based on the Google Maps. Pratul Agrawal, Gaurav Baruah were the two authors.

 

 

The Xss is a Simple PoC right now and as per the two authors is currently Unpatched . You should check it out!

 

http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=%3Cscript%3Ealert(%22Google%20Sucks%20!%22)%3C/script%3E&vps=1&sll=28.613554,77.20906&sspn=0.009136,0.013797&ie=UTF8

 

 

Happy Hacking @hackerthedude

Email ThisBlogThis!Share to XShare to Facebook
Posted in Small Hacks, XSS | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Dear Mozilla, Please “DONT” fix this. [Pic]
    Today only i found this pic on Digg and i thought there should be a “DONT” in it. isn't it ? ..
  • Ubisoft Hacked : Fake or Real ?
    Some days ago we got news about Ubisoft being hacked by some hackers and was being believed till yet but after then some news breached out...
  • VMWare Fusion 3.1 Beta On Grounds
    Check out the VMWare Fusion 3.1 Beta which have been out just now. Its includes some of the significant features which many of the users ha...
  • XBox Live Hacked or Suffering Connection Issues
    Today Xbox Live users are suffering some Connection Issues and this is excepted as yesterday only the Xbox live account of Xbox’s Live Prog...
  • Check Network Connectivity With Power of PowerShell [Script]
    Some days ago i got some scripts from one of my friend which was certain to use when pentesting stuff for Testing the internet connectivity ...
  • ‘New Moon” Fans Beware Of Hackers
    We are Getting Constant Rumors from many places that Hackers are going to target the the fans of the upcoming movie “New Moon” ...
  • New iPhone Worm That Attacks Jail Broken iPhones Also
    Well its again the iPhone which have come to the headlines again , But this time the apple is really pissed of with the kind of work the Ha...
  • Yeah, We are Back !
    Guys, i know its been a long time since i haven't blogged the things in information sec. but if you see it was worth it. I got to learn...
  • Ophcrack Guide : Hack Any Password In Windows
    There might be many times you have heard of Ophcrack, now what is actually it well is a popular to crack passwords in windows. Many...
  • MacOSX Gets Massive Security Update
    This is kinda weird but safe for the users at the same time Apple have just launched the update for the Mac OSX with a severe patchment of 9...

Categories

  • Broadband
  • cyberwar
  • Ebooks
  • email
  • Gamers
  • Guides
  • Hacked
  • Hacker The Dude News
  • Hacking
  • Hacking Software
  • keylogger
  • Misc
  • Mobie's
  • News
  • Orkut
  • PHP
  • Pics
  • Pro Hacks
  • Small Hacks
  • Stylize
  • Tools
  • Torrent
  • Tricks
  • Twitter
  • Video's
  • Virus's
  • Weekly Top 10 Internet Tools
  • Windows
  • XSS

Blog Archive

  • ▼  2010 (32)
    • ►  March (7)
    • ►  February (3)
    • ▼  January (22)
      • How To Root Your Nexus One Android Phone [Tutorial]
      • RSA Crypto 768-Bit Keys Cracked
      • Can You Believe Playstation 3 Just Got Rooted - Ge...
      • Techcrunch Hacked
      • BT4 Final, Nmap and Immunity Debugger Updated : Th...
      • Danger : Warning From Electricity [Pic]
      • Deep Look At Netdevilz XSS : Whois.com Hacked
      • 2 New Interesting Xss This Week
      • Gmail Goes https For Secure : Wi-Fi Protection
      • Are You Ready For Nullcon - Goa 2010
      • Angelina Jolie and Barack Obama #1 Choice of Spamm...
      • Interesting Approach To Computer Security : Fail [...
      • HITB Ezine Issue 1 Released : Keeping Knowledge Free
      • US Army Website Defaced : TinKode Strike Again
      • MITM iPhone's PhotoSwap : How To Steal Hot Pics Of...
      • iiScan : Security On The Cloud
      • @purehate_ Launches Online WPA Cracker : 10$ For 5...
      • Windows 7 GodMode Hack [Turtorial]
      • Another Cheap GSM Encryption Hack [Pic]
      • How Youtube Got Hacked : How The F*ck She Did That ?
      • Nir Goldshlager Founds XSS Vulnerability in Google...
      • Intel Website Hacked : Another SQL Injection From Unu
  • ►  2009 (123)
    • ►  December (34)
    • ►  November (30)
    • ►  October (24)
    • ►  September (9)
    • ►  August (6)
    • ►  July (1)
    • ►  June (3)
    • ►  May (16)
Powered by Blogger.

About Me

Unknown
View my complete profile