Friday, August 30, 2013

Multiple Adobe Bugs by Me

Open Redirector:  https://tv.adobe.com/session/?redirect=http://google.com

If a user is logged in to Adobe and clicks the link, he'll be automatically redirected to google.com, so an attacker can use an encoded malicious link to harm Adobe's users.
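A server-side check that would stop the redirect above, as an added example that is not part of the original post or Adobe's code: the `redirect` value is accepted only if it is a same-site path or an https URL on an allow-listed host. The function name, the allow-list contents and the sample inputs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: hosts the site is willing to redirect to (constructed list).
ALLOWED_HOSTS = {"tv.adobe.com", "www.adobe.com"}
DEFAULT_TARGET = "/"


def safe_redirect_target(value, allowed_hosts=ALLOWED_HOSTS, default=DEFAULT_TARGET):
    """Return `value` if it is a same-site path or an https URL on an
    allow-listed host; otherwise return `default`.

    `value` is the already URL-decoded `redirect` query parameter.
    """
    if not value:
        return default
    # Browsers treat "\" like "/" and drop tabs/newlines inside URLs, so a
    # value containing them may be parsed differently here than in the browser.
    if any(ch == "\\" or ord(ch) <= 0x20 or ord(ch) == 0x7F for ch in value):
        return default
    try:
        parts = urlsplit(value)
    except ValueError:
        return default
    # Same-site path: no scheme, no host, exactly one leading slash.
    if not parts.scheme and not parts.netloc:
        if value.startswith("/") and not value.startswith("//"):
            return value
        return default
    # Absolute URL: https only, and the real host (userinfo and port removed,
    # lower-cased by urlsplit) must match the allow-list exactly.
    if parts.scheme == "https" and parts.hostname in allowed_hosts:
        return value
    return default


if __name__ == "__main__":
    # Constructed sample inputs, including the URL from the report.
    for candidate in ("http://google.com", "//google.com",
                      "https://tv.adobe.com@google.com/",
                      "/session/profile", "https://tv.adobe.com/watch/"):
        print(f"{candidate!r:40} -> {safe_redirect_target(candidate)!r}")
```
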


Directory Listing:

http://groups.adobe.com/CFIDE/
http://groups.adobe.com/CFIDE/adminapi/
http://groups.adobe.com/CFIDE/administrator/images/
http://groups.adobe.com/CFIDE/scripts
http://groups.adobe.com/CFIDE/images/
http://groups.adobe.com/CFIDE/debug
http://groups.adobe.com/CFIDE/portlets/

and so on....


Open FCKeditors:

http://groups.adobe.com/CFIDE/scripts/ajax/FCKeditor/editor./filemanager/browser/default/browser.html


http://groups.adobe.com/CFIDE/scripts/ajax/FCKeditor/editor/fckeditor.original.html



Open file uploads:

http://groups.adobe.com/CFIDE/scripts/ajax/FCKeditor/editor/filemanager/browser/default/frmupload.html



Persistent XSS in eBay - One of the best '12 discoveries

I found this bug last year; it was my first bug and the most precious one.

To exploit the vulnerability, an attacker would need a seller account. Once logged in to the seller account on eBay, the attacker would create a listing for sale in which he puts the XSS exploit code.




Here was the page where I injected the code: http://www.ebay.com/itm/181023275832?ssPageName=STRK:MESELX:IT&_trksid=p3984.m1555.l2649 

The mirror is available here: http://www.xssed.com/mirror/79254/ 

In the news for this great discovery: https://www.google.co.in/search?q=ebay+persistent+xss&oq=ebay+persistent+xss&aqs=chrome.0.69i57j69i62.3702j0&sourceid=chrome&ie=UTF-8