"If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology." -Bruce Schneier
HTS costs up to $300 a month to operate. We need your help!
What the hell is wrong with the guy above this post? Is that even english? My question is not if he was dropped on his head as a child, but instead, how many times. lol
Tae Kwon Do mutants_r_us_guild is a japanese man you not American because its not the Americans spot
mutants_r_us_guild could you help me please
what happened to your site ? www.mutantsrus.net
I\'ve even found some permanent xss. :
Dominounplugged.com - this one archived my hack. lol :)
o, I get it
n the best thing about xss(I think)
is that its soo easy to find, out of around 10 sites i looked at, 5 were vulnerable on multiple pages
uh... Me. That\'s who. I just wanted to sho people a small xss sample. It wont be permanent, but could be permanent in some situations.
mutant, those holes r pretty easy to find..
but who exactly asks people to exploit things on their site???
Hey man I\'m just abit confused with your XSS article. And I love Cross-Scripting but I\'m so confused on how to redirect someone to another page with a cookie stealer, please message , or you can talk to me through aim.;
whats up fool you get my email? i got into a site with SQL. i sent you the URL for the site
More XSS attempts:
Well, now I\'m not anymore. Why did you remove the app challenges. They\'re all gone!
you\'d be far from it after i remove teh points for missions you\'ve made.
YEAH! I\'m Elite!
yes...i am from your cbox :P
haha, ive found both xss holes, prepare to die...
lol, nah im nice, but i was bored and i have the script saved in a .txt
so it is recommended that nobody pisses me off
What is going on?
Did I NOT make myself CLEAR? I WILL REMOVE YOUR ACCOUNT.
I posted a link to the uncensored article hosted on my server. HTS can\'t be held responsible. I would take the blame.
I figured I\'d post this here...
The reason I removed the XSS links from your article is simply because, they work. You could have just given:
People can still understand why it works and its not targeted at anyone.
As sas01 said, It\'s our job to make sure this website doesn\'t get taken down due to \'illegal activity\'. Posting working XSS \'sploits falls into that catagory.
Next time, just use example.com sites instead of vulnerable websites.
Apology accepted. :)
Hey, I read what you said, and i realize now that I was wrong, and what you are saying is of course right. Sorry man. :)
Since I could say I love myself as well and
It\'s been a while
Since I\'ve gone and f****d things up just like i always do
It\'s been a while
But all that s**t seems to disappear when i\'m with you
But everything I can\'t remember as f****d up as it may seem
the consequences that I\'ve rendered
I\'ve gone and f****d things up again
It\'s Been a While
it\'s been a while XD
Ah.. I remember now. You don\'t use the admin.php to enter the password. You go to the database page. Although you can use the admin page if you know how php works. ?password=___. Also as far as brute forcing, make sure you are using md4 not md5. It gave that hint when the guy said everything was like ten years out of date.
It should take about 10 seconds or less to crack.
Um i did i googled the site got the directorys already but then i dont know what to do caue brute forceing isnt working ;( help????
More XSS tests
<<script alert:(XSS) <</script
lol that\'s really good, i like it :P