On the Yin and the Yang

Acidus
Topic: Technology 3:52 am EDT, Sep 13, 2005

[acidus@reload dist]$ java -jar XSSScanner.jar http://zero.webappsecurity.com
--
Crawling...
---
Done (200 OK: 20 404 Not Found: 5)
Checking "http://zero.webappsecurity.com/banklogin.asp?serviceName=FreebankCaastAccess
&templateName=prod_sel.forte&source=Freebank
&AD_REFERRING_URL=http://www.Freebank.com"

Using tracer:XSSTracer7699183
checking param "serviceName"
checking param "templateName"
checking param "source"
checking param "AD_REFERRING_URL"
Checking "http://zero.webappsecurity.com/plink.asp?a=b&c=12"
Using tracer:XSSTracer17510567
checking param "a"

*** FOUND TRACER using param "a" in "http://zero.webappsecurity.com/plink.asp?a=XSSTracer17510567&c=12"

checking param "c"

*** FOUND TRACER using param "c" in "http://zero.webappsecurity.com/plink.asp?a=b&c=XSSTracer17510567"

Checking "http://zero.webappsecurity.com/banklogin.asp?err=Invalid+Login:"
Using tracer:XSSTracer27744459
checking param "err"

*** FOUND TRACER using param "err" in "http://zero.webappsecurity.com/banklogin.asp?err=XSSTracer27744459"

---
3 XSS Holes found.
3 unflitered params found
1 vuln form found
--

[acidus@reload dist]$



 
 