Yes Pratul, it was working on 13th June :)

> --- On *Wed, 16/6/10, Vipul Agarwal <[email protected]>* wrote:
>
> From: Vipul Agarwal <[email protected]>
> Subject: Re: [Full-disclosure] yahoomail dom based xss vulnerability
> To: "pratul agrawal" <[email protected]>
> Cc: [email protected]
> Date: Wednesday, 16 June, 2010, 5:29 AM
>
> Hello Pratul!
>
> I'm sure that the flaw was working on 13th June when you disclosed it on
> the list.
> But it's not working today and input is being filtered. Please check it out.
>
> On Wed, Jun 16, 2010 at 9:49 AM, pratul agrawal <[email protected]> wrote:
>
>> Thanks Brother,
>>
>> See how this occurred. Basically, in most cases developers simply design
>> an API, and when the client requests any page this API gets stored on the
>> client side. Its main task is to take the user input and show the result
>> immediately to the client without sending a request to the server. So when
>> this type of API is vulnerable to XSS, this is called DOM-based XSS.
>>
>> Now in this case, when we click on [New Folder] to create a new folder
>> and provide any JavaScript, it is taken directly by the API stored on the
>> client side when the inbox page is loaded in Yahoo Mail, and gets
>> reflected.
>>
>> That's all the story, bro. Hope you understand what I really want to say.
>>
>> Thanks,
>> Pratul Agrawal
>>
>> --- On *Tue, 15/6/10, Benji <[email protected]>* wrote:
>>
>> From: Benji <[email protected]>
>> Subject: Re: [Full-disclosure] yahoomail dom based xss vulnerability
>> To: "pratul agrawal" <[email protected]>
>> Cc: "[email protected]" <[email protected]>, "[email protected]" <[email protected]>,
>> "[email protected]" <[email protected]>, "[email protected]" <[email protected]>
>> Date: Tuesday, 15 June, 2010, 9:57 AM
>>
>> Sup bro
>>
>> I waz checkin owt ur javascriptz skriptz and waz wonderin if u cud explain
>> how diz shiz werks.
>>
>> Peaze.
>>
>> Sent from my iPhone
>>
>> On 15 Jun 2010, at 09:18, pratul agrawal <[email protected]> wrote:
>>
>> It's working, bro. I think you made some mistake, so try it again and
>> check that the JavaScript execution feature is enabled in your browser. And
>> bro, for execution of the script you must use proper syntax that contains
>> special characters. Just put "><script>alert(123)<script> in the New Folder
>> field that comes in the Move button and you will see a pop-up message with
>> 123 reflected.
>>
>> Have a nice time bro,
>> Pratul Agrawal
>>
>> --- On *Tue, 15/6/10, Rockey <[email protected]>* wrote:
>>
>> From: Rockey <[email protected]>
>> Subject: Re: [Full-disclosure] yahoomail dom based xss vulnerability
>> To:
>> Cc: [email protected], [email protected], [email protected]
>> Date: Tuesday, 15 June, 2010, 5:10 AM
>>
>> Tried reproducing on Yahoo Mail, both on the classic and the new one.
>> The error message I got in both cases was
>>
>> "Sorry, but your folder name has prohibited characters (please use
>> letters, numbers, dashes, and underscores). Please fix it and try again."
>>
>> Cheers,
>> Rockey
>>
>> --
>> It's all about Hacking and Security
>>
>> http://h4ck3r.in/
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
> --
> Thanks and Regards,
> Vipul Agarwal
>
> --
> Asheesh (Anaconda)
> ------------------------------------------------------
> [Web] http://www.asheesh2000.co.nr
> [Blog] http://asheesh2000.blogspot.com/
> [twitter] http://twitter.com/akmanit2000
> "attaining one hundred victories in one hundred battles is not the pinnacle
> of excellence. Subjugating the enemy's army without fighting is the true
> pinnacle of excellence."
>
> "The future is not some place we are going to, but one we are creating. The
> paths are not to be found, but made, and the activity of making them,
> changes both the maker and the destination."
> ------------------------------------------------------
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
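
The thread describes a folder name being reflected by client-side script, and later the input being filtered. The following is an added example, not part of the original messages and not Yahoo Mail code, showing the concatenation pattern beside a hardened form. All function names, the markup shape, and the 64-character limit are assumptions; the allowlist follows the error message quoted in the thread.

```javascript
// Added illustration; every name here is hypothetical.
// Constructed sample input: the string quoted in the thread.
const SAMPLE = '"><script>alert(123)<script>';

// Allowlist from the quoted error message: letters, numbers, dashes,
// underscores. The length bound of 64 is an assumption.
function isValidFolderName(name) {
  return typeof name === 'string' && /^[A-Za-z0-9_-]{1,64}$/.test(name);
}

// Encode the characters that can change the HTML parsing context.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable pattern: input concatenated into markup that client-side
// script would then assign to innerHTML.
function folderMarkupUnsafe(name) {
  return '<li class="folder" title="' + name + '">' + name + '</li>';
}

// Output encoding: the same markup with the name encoded for both the
// attribute and the element body. In a browser, prefer textContent and
// setAttribute over building strings at all.
function folderMarkupEncoded(name) {
  const n = escapeHtml(name);
  return '<li class="folder" title="' + n + '">' + n + '</li>';
}

// Input validation plus output encoding: reject first, encode anyway.
function createFolder(name) {
  if (!isValidFolderName(name)) {
    return { ok: false, error: 'folder name has prohibited characters' };
  }
  return { ok: true, markup: folderMarkupEncoded(name) };
}

// True when a raw <script tag survives, i.e. input left its context.
function containsRawScriptTag(markup) {
  return /<script\b/i.test(markup);
}
```
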
