19 February 2007 | 10,271 views

Another 0-day MySpace XSS Exploit

Check Your Web Security with Acunetix

This was a while ago, but once again unsurprising..The amount of security holes that have been discovered in MySpace (to say they hold some pretty confidential info and are a preying ground for paedos..it’s a scary thought).

Once again an XSS flaw shows up in MySpace.

digi7al64 found yet another hole in myspace using non-alpha-non-digit exploit. Again, this time, like last time, MySpace is doing a bad job of stripping out tags. This is the fifth time they’ve been hit by this exact same issue. MySpace should really consider hiring someone who knows how to write while loops. Until then they are vulnerable yet again. The trick is again simple:

<body onload<script=alert(‘xss’);> becomes: <body onload..=alert(‘xss’);> because they strip out the <script tag without recursively iterating over the same string to ensure they haven’t created another vector.

It’s look like they simply blacklisted again as the flaw is still there, but this particular string doesn’t work any more.

Like Forrest Gump might have once said, “Blacklist stripping is like a box of chocolates – you know what you’re going to get.” You never know what the data is going to end up looking like until you’re done stripping it, which is why you need to recursively go over the text over and over until you have found nothing. This is a hard lesson to learn I guess. Nice job, digi7al64!

Watch out MySpace.

Source: ha.ckers.org



Recent in Exploits/Vulnerabilities:
- Hacking Your Fridge – Internet of Things Security
- Important OpenSSL Patch – 6 More Vulnerabilities
- Spotify Hacked – Rolls Out New Android App

Related Posts:
- MySpace Hackers in Police Custody
- Teen Data Exposed on Myspace
- Data Mining MySpace Bulletins

Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 226,868 views
- AJAX: Is your application secure enough? - 119,044 views
- eEye Launches 0-Day Exploit Tracker - 85,035 views

Low-cost VPS Hosting

Comments are closed.