Waraxe IT Security Portal  
  Login or Register
::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  ::
November 29, 2020
Menu
 Home
 Logout
 Discussions
 Forums
 Members List
 IRC chat
 Tools
 Base64 coder
 MD5 hash
 CRC32 checksum
 ROT13 coder
 SHA-1 hash
 URL-decoder
 Sql Char Encoder
 Affiliates
 y3dips ITsec
 Md5 Cracker
 User Manuals
 AlbumNow
 Content
 Content
 Sections
 FAQ
 Top
 Info
 Feedback
 Recommend Us
 Search
 Journal
 Your Account



User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9145

People Online:
Visitors: 293
Members: 0
Total: 293
PacketStorm News
Currently there is a problem with headlines from this site
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index
Search found 6 matches
XSS cookie stealer in youtube !
PostForum: Cross-site scripting aka XSS   Posted: Thu Jul 31, 2008 2:04 am   Subject: XSS cookie stealer in youtube !
NEUR0BASHER
 
Replies: 5
Views: 14149




I tried that on vBulletin® Version 3.7.x with enabled HTML
the cookie included the USER ID and USER PASSWORD


PWNED
greetinx go to my
pwnographic friends!
vBulletin 3.6.8 Phishing Site
PostForum: vBulletin Board   Posted: Fri Apr 11, 2008 4:17 am   Subject: vBulletin 3.6.8 Phishing Site
NEUR0BASHER
 
Replies: 3
Views: 5134




vBulletin 3.6.8 Phishing Site

As I have already explained [url=http://www.waraxe.us/ftopict-2482.html#10727]in the other thread it's not possible to fetch the password hash from the cookie. All I w ...
[vBulletin] [Tutorial] Password logger
PostForum: vBulletin Board   Posted: Wed Apr 09, 2008 12:12 am   Subject: [vBulletin] [Tutorial] Password logger
NEUR0BASHER
 
Replies: 52
Views: 80402




nice script - if you can tell me how to gain access to an ftp server I could even check it out;-)
vbulletin 3.6.8 exploit
PostForum: vBulletin Board   Posted: Tue Apr 08, 2008 6:13 pm   Subject: vbulletin 3.6.8 exploit
NEUR0BASHER
 
Replies: 11
Views: 53550




it isn't getting bbsessionhash. It's only getting bblastvisit and bblastactivity. Also it looks like you need have the html page on the same domain as the forum, or it won't accept it as it's not on t ...
XSS cookie stealer in youtube !
PostForum: Cross-site scripting aka XSS   Posted: Sat Apr 05, 2008 1:50 pm   Subject: XSS cookie stealer in youtube !
NEUR0BASHER
 
Replies: 5
Views: 14149




This is a simple but effective XSS link hidden in a youtube embedding code. When the user hovers the video with the mouse all cookie data, referrer url, ip address and browser agent info will be sent ...
vbulletin 3.6.8 exploit
PostForum: vBulletin Board   Posted: Sat Apr 05, 2008 9:03 am   Subject: vbulletin 3.6.8 exploit
NEUR0BASHER
 
Replies: 11
Views: 53550




Hi!

vBulletin 3.6.8 XSRF/XSS Vulnerability
vBulletin Version: 3.6.8 Patch Level x and possible lower

As administrators can use html in the usertitle an attacker can update the profile of an adm ...
Page 1 of 1
All times are GMT
  




Powered by phpBB © 2001-2008 phpBB Group






Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2020 Janek Vind "waraxe"
Page Generation: 0.094 Seconds