http://www.80vul.com/android/data-clone.txt update
thx Jann Horn (jannh...@googlemail.com)
hitest
2013/3/18 IEhrepus <5up3r...@gmail.com>
> “I'm pretty sure that this is wrong. Apps on the SD card are encrypted. The
> crypto is flawed, but not so flawed that this kind
s wrong :( apps install on sdcard, but the
data on /data/data/xxx, like "Already have super privileges"
thank u :), i will change it .
hitest
2013/3/18 Jann Horn
> On Sun, Mar 17, 2013 at 06:09:09PM +0800, IEhrepus wrote:
> > "Data-Clone" -- a new way
"Data-Clone" -- a new way to attack android apps
Author: super...@www.knownsec.com [Email:5up3rh3i#gmail.com]
Release Date: 2013/03/16
References: http://www.80vul.com/android/data-clone.txt
Chinese Version:
http://blog.knownsec.com/2013/03/attack-your-android-apps-by-webview/
--[ I - Introductio
Allowed From "http://" To "file://" In The Third-party Browser of IE
Author: www.80vul.com [Email:5up3rh3i#gmail.com]
Release Date: 2011/09/23
Overview:
After MS11-057, From "http://" To "file://" is not allowed, but it works
as well in the Third-party Browser of IE
Disclosure Timeline:
MHTML Mime-Formatted Request Vulnerability Again
Author: www.80vul.com [Email:5up3rh3i#gmail.com]
Release Date: 2011/09/23
Release: http://www.80vul.com/mhtml/mhtml-again.txt
Overview:
After MS11-057, I tested and found "MHTML Mime-Formatted Request
Vulnerability" occurs again.
test this codz on
http://www.80vul.com/firefox/Firebug%20Firefox%20Extension%20Cross%20Context%20Scripting%20Vulnerability.htm
*Firebug Firefox Extension Cross Context Scripting Vulnerability*
Author: www.80vul.com [Email:5up3rh3i#gmail.com]
2011/06/18 - Public Disclosure
*Description*
80vul.com discover
http://www.80vul.com/firefox/detect%20firefox%20extensions.txt
hitest
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
hi
DOMinator can't work on firefox 3.6.17?
hitest
2011/5/18 Stefano Di Paola
> What is DOMinator?
> DOMinator is a Firefox based software for analysis and identification of
> DOM Based Cross Site Scripting issues (DOMXss).
> It is the first runtime tool which can help security testers to ide
http://www.80vul.com/test/gflashtoxml.htm
hitest
"site:ebay.com inurl:callback" on google.com
and get this url:
http://sea.ebay.com/jplocal/campany/getcampnum.php?callback=?
then
http://sea.ebay.com/jplocal/campany/getcampnum.php?callback=?%3Cimg%20src=1%20onerror=alert(1)%3E
of course u can use 《xss attacks through utf7-BOM string
injecti
xss attacks through utf7-BOM string injection
the beginning of the utf-7 BOM character is from Gareth Heyes's paper 《XSS
Lightsabre techniques》
-start--
CSS expressions with UTF-7
• UTF-7 BOM character can force UTF-7 in a external style sheet
•
nice work to MS
now, let us wait for the FIX.
gogogo
hitest
2011/1/28 Michal Zalewski :
> FYI, here's a provisional advisory from Microsoft acknowledging this issue:
> http://www.microsoft.com/technet/security/advisory/2501696.mspx
>
> /mz
>
Security is a general,Many security issues are composed of many
different vulnerabilities of different factory.
like " mhtml:http://www.google.com/gwt/n?u=[mhtml file url]! " this vul
so we come back this vul need two Conditions
Obviously this problem is not clear. A very similar problem, like the
"HTTP Response Splitting", Whose vulnerability? webapp or Server-side
language?
so we come back this vul need two Conditions
1. www.google.com app doesn't filter the CRLF
2. IE supports mhtml protocol handler to render the mhtml fi
Long, long time ago, we heard an interesting legend is www.google.com
will Pay for its vulnerability, so we want to try ...
lucky, a vulnerability has been caught by my friend
PZ[http://hi.baidu.com/p__z], this vul is based on 《Hacking with mhtml
protocol
handler》[http://www.80vul.com/mhtml/Hacking%
Gmail JSON Hijacking Attack Technique
Author:
pz [http://hi.baidu.com/p__z]
hi_heige [http://hi.baidu.com/hi_heige]
Team: http://www.80vul.com
Release Date: 2010/10/14
Overview:
Google defends against JSON Hijacking by javascript-loops, like:
"throw 1; ", but it can be bypassed by [1].
PO
Author: www.80vul.com [Email: saiy1...@gmail.com]
Release Date: 2010/7/10
References:
http://80vul.com/Zend%20studio/Zend%20studio%20location%20Cross.htm
Zend Studio is a commercial, proprietary integrated development environment
(IDE) for PHP developed by Zend Technologies, based on the PHP Devel
---
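IEhrepus would like to stay in closer touch with you through some of the cool new products recently launched by Google.
If you already have Gmail or Google Talk, visit:
http://mail.google.com/mail/b-4387e3d034-6c1e7bb5df-980a0f82a02d4d92
You must click this link in order to chat with IEhrepus.
To get a Gmail account (a free e-mail account provided by Google, with more than 2,800 megabytes of storage) and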
Multiple Exploiting IE8/IE7 XSS Vulnerability
Author: www.80vul.com [Email:5up3rh3i#gmail.com]
Release Date: 2009/06/22
References:
http://www.80vul.com/ie8/Multiple%20Exploiting%20IE8IE7%20XSS%20Vulnerability.txt
Overview:
Tags[not include ] in ie7/8 are not allowed to run
"javascript:[jsco
[PHP safe_mode bypass with exec/system/passthru] Once again
php published a new version: php5.2.10, and it fixes lots of bugs, like this:
Bug #45997[safe_mode bypass with exec/system/passthru] incorrect fix
php5.2.10
...
b = strrchr(cmd, PHP_DIR_SEPARATOR);
#ifdef PHP_WIN32
if (b && *b
mb_ereg(i)_replace() evaluate replacement string vulnerability
by ryat#www.80vul.com
when the option parameter is set to e, matches are not escaped.
ex:
phpinfo() will be evaluated.
mb_ereg_replace()
if ((replace_len - i) >= 2 && fwd == 1 &&
p[0] == '\\' && p[1] >= '0' && p[1] <= '9') {