Linkbucks.com Cross Site Scripting / URL Redirection

Posted Aug 18, 2010
Authored by Aung Khant | Site yehg.net

Linkbucks.com suffers from cross site scripting and URL redirection vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 4458d770dff94c674bd5c775cb9b5c71828b5a9bc39a06ba928ede2625847efc

==============================================================================
Linkbucks.com XSS & URL Redirection Vulnerabilities
==============================================================================


1. OVERVIEW

A famous link-based advertising network, linkbucks.com, currently suffers from
Cross Site Scripting and URL Redirection vulnerabilities.


2. SITE SERVICE DESCRIPTION

Linkbucks is the first Internet advertising network to recognize that the
interplay between websites and web users is the foundation of a successful
viral campaign. Linkbucks brings web users, websites, and marketers together
in a way that is beneficial to everyone.


3. VULNERABILITY DESCRIPTION

The Default.aspx page at linkbucks.com is vulnerable to Cross Site Scripting
and URL Redirection because the Message and ReturnURL parameters are not
properly sanitized on the page shown after a user logs out: Message is
reflected into the page unencoded, and ReturnURL is used as the redirect
target without being checked against the site's own origin.


4. PROOF-OF-CONCEPT/EXPLOIT

+ Cross Site Scripting (OWASP 2010 Top 10 - A2)

http://www.linkbucks.com/Default.aspx?task=completed&MetaRefresh=2&Message="><script>alert(/XSS/)</script>&ReturnURL=/Default.aspx&NoText=true

http://yehg.net/lab/pr0js/advisories/sites/linkbucks.com/xss/linkbucks.com_xss.jpg

+ Unvalidated Redirects and Forwards (OWASP 2010 Top 10 - A10)

http://www.linkbucks.com/Default.aspx?task=completed&MetaRefresh=2&Message=You%20have%20been%20logged%20out.&ReturnURL=http://www.yehg.net&NoText=true
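The fix for both findings in section 4 is the same pair of checks on the logout page: HTML-encode Message before reflecting it, and only honour a ReturnURL that stays on the site. The following is an added example written for this page in Python, not Linkbucks' ASP.NET code. The parameter names (Message, ReturnURL, MetaRefresh) and the two proof-of-concept query strings come from the advisory; ALLOWED_HOSTS, DEFAULT_RETURN, the page markup and the function names are assumptions made for the demonstration.

```python
"""Hardened handling of the Message / ReturnURL parameters on a logout page.

Added example for the Linkbucks advisory; not the vendor's code. Parameter
names come from the advisory, everything else here is assumed.
"""
from html import escape
from urllib.parse import parse_qs, urlparse

# Hosts an absolute ReturnURL may point at (assumed allowlist for the example).
ALLOWED_HOSTS = {"www.linkbucks.com", "linkbucks.com"}
# Where to send the user when ReturnURL is missing or rejected (assumed).
DEFAULT_RETURN = "/Default.aspx"

# Query strings of the advisory's two proof-of-concept URLs (section 4).
POC_XSS_QUERY = (
    'task=completed&MetaRefresh=2&Message="><script>alert(/XSS/)</script>'
    "&ReturnURL=/Default.aspx&NoText=true"
)
POC_REDIRECT_QUERY = (
    "task=completed&MetaRefresh=2&Message=You%20have%20been%20logged%20out."
    "&ReturnURL=http://www.yehg.net&NoText=true"
)


def is_safe_return_url(url: str) -> bool:
    """Return True only for a redirect target that stays on the site.

    Accepted: a root-relative path such as "/Default.aspx", or an absolute
    http(s) URL whose netloc is exactly one of ALLOWED_HOSTS.  Rejected:
    external hosts, protocol-relative "//host", other schemes such as
    javascript:, backslashes (browsers treat "\\" like "/"), whitespace and
    control characters, and userinfo/port tricks like "host@evil".
    """
    if not url or url != url.strip() or any(ord(c) < 0x20 for c in url):
        return False
    if "\\" in url:
        return False
    parts = urlparse(url)
    if parts.scheme == "" and parts.netloc == "":
        # Relative URL: require root-relative, forbid protocol-relative "//".
        return url.startswith("/") and not url.startswith("//")
    # Absolute URL: exact netloc match, so "host@evil" or "host:port" fail.
    return parts.scheme in ("http", "https") and parts.netloc.lower() in ALLOWED_HOSTS


def render_logout_page(query_string: str) -> str:
    """Build the post-logout HTML with Message encoded and ReturnURL validated."""
    params = parse_qs(query_string, keep_blank_values=True)
    message = params.get("Message", [""])[0]
    return_url = params.get("ReturnURL", [DEFAULT_RETURN])[0]
    if not is_safe_return_url(return_url):
        return_url = DEFAULT_RETURN          # open redirect closed here
    delay = params.get("MetaRefresh", ["2"])[0]
    if not delay.isdigit():
        delay = "2"
    # Encode for HTML text and attribute context; this neutralises the
    # "><script> payload from the advisory instead of reflecting it.
    safe_message = escape(message, quote=True)
    safe_url = escape(return_url, quote=True)
    return (
        "<html><head>"
        f'<meta http-equiv="refresh" content="{delay};url={safe_url}">'
        "</head><body>"
        f"<p>{safe_message}</p>"
        f'<a href="{safe_url}">Continue</a>'
        "</body></html>"
    )


if __name__ == "__main__":
    # Both advisory payloads rendered through the hardened handler.
    print(render_logout_page(POC_XSS_QUERY))
    print(render_logout_page(POC_REDIRECT_QUERY))
```

The allowlist check deliberately compares the whole netloc rather than just the hostname, so a ReturnURL of the form `http://www.linkbucks.com@attacker/` is rejected along with plain external hosts; a bare relative name without a leading slash is also refused, which keeps the accepted set small and easy to reason about.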


5. IMPACT

As linkbucks.com has hundreds of web users, ad publishers and advertisers,
attackers can exploit these flaws for fun and profit.


6. VENDOR

LinkBucks.com
- http://linkbucks.com


7. CREDIT

This vulnerability was discovered by Aung Khant, http://yehg.net, YGN
Ethical Hacker Group, Myanmar.


8. DISCLOSURE TIME-LINE

07-10-2010: vulnerability discovered
07-13-2010: received contact from the linkbucks support team via support
ticket "#KHT-97974-227"
07-15-2010: provided vulnerability details
08-15-2010: vulnerabilities have not been fixed
08-18-2010: vulnerability disclosed


9. REFERENCES

Original Advisory URL:
http://yehg.net/lab/pr0js/view.php/[linkbucks.com]_xss,redirect
OWASP Top 10 - http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project


#yehg [08-18-2010]
