change what we need!: 2012

XSS Found in Official web site of Samsung

Posted in | at 11:12 PM

After a long time back in action with big boom.actually last 1 or 2 months i planed to post here something but unfortunately i have no topic for post here...:P
I am big fan of samsung galaxy s3 and i want it so as usually open Samsung's official web site and start to explore it.... bt we are Hacker i found something when i searched on web site and i forgot that why i am here and my devil.exe start ..lolzz
forgot all this thing it just "MASTI"
HERE WE GO...

WHAT IS XSS:



·         XSS is a type of computer security vulnerability typically found in Web applications, such as web browsers through breaches of browser security, that enables attackers to inject client-side script into Web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy. effect may range from a petty nuisance to a significant security risk, depending on the sensitivity of the data handled by the vulnerable site and the nature of any security mitigation implemented by the site's owner.

TYPES OF XSS :
  • Persistent XSS (PERMANENT)
  • Reflective XSS (TEMPORARY)

Impact of Cross-Site Scripting

  • Hijack an account
  • Spread Web worms
  • Access browser history and clipboard contents
  • Control the browser remotely
  • Scan and exploit intranet appliances and applications

Detecting a XSS Attack

<SCRIPT>ALERT("UK")</SCRIPT>
use this script in search box if u get a pop alert box then it means there is an xss 

 xss Example :

mr.uk45 found an xss vulnerability in Samsung's official web site 
open this web site got to search box and type 
 <SCRIPT>ALERT("UK")</SCRIPT> and hit enter 

 

 

 

 

 

 

now how you can misuse it :P

make your own phishing page 

use this script in search box

<iframe src="your phishing link" width="1000px" height="1000px" />

 

 

 

 

 

 

you can steal cookie using 

<script>alert(document.cookie)</script>

use your social engineering skill and hack the planet :)  

have a safe hacking :D :P



  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • Twitter
  • RSS
Read Users' Comments (0)

BEST WAY TO HIDE IP

Posted in | at 1:51 AM

HY friends ..
new and trusted way to hide your ip
Trust me ..after reading this you must say that we dont need to pay anything for surf anonymous
Here we goo,,,,,,
just go to anonymizer.com
and download or buy anonymizer universal
you have to pay only $79.99 for it
finish now you can surf anonymously...lolzz
i am just kiding..we are hacker we never pay

now its time to start our devil mind's devil exe.....
step 1)
just replace .com to .ru
click here




the site convert in russian version...

step 2)
Now in top of site you find the box  just type site what you want to access..!

here i am typing www.google.com






why we use russian web site?
ans:-
Most of the russian web sites are free so no need to pay anything
More important thing is most of the russian web site create by computer criminal bcz there is no IT act
so only one criminal can understand the other criminal's need! :P

AND MORE INTRESTING THINGS IS THEY HIDE THEIR LOGS ...
SO TRUST ME THERE IS NO WAY TO TRACK YOU BY UR IP ADDRESS ...ENJOY HACKING
note:: i recommended that use https:// when u browesing facebook or anyother social site!!










  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • Twitter
  • RSS
Read Users' Comments (0)
Subscribe to: Posts (Atom)