Skip to main content

xss in Microsoft mobile domain

By
Cookies xss in Microsoft mobile domain also it have xframe open vulnerability for click jacking

Domain: m.microsoft.com

Poc url steps for reproduce issue are same in both url so I am send both url and steps by using one of them

Poc urls :
1.        http://m.microsoft.com/showcase/en/US/Search.mspx?a=results&mid=3900&phrase=%5burl%3djavascript:alert(document.cookie)%5dClick%20here%20to%20see%20Result%5b/url%5d&Search=

2.       http://m.microsoft.com/showcase/en/US/search?pageindex=sv1:2&phrase=[url%3djavascript:alert%28document.cookie%29]click%20here%20and%20see%20your%20result[/url]

Vulnerable parameter: phrase=

Steps for reproduce issue
Poc url
http://m.microsoft.com/showcase/en/US/search?pageindex=sv1:2&phrase=[url%3djavascript:alert%28document.cookie%29]click%20here%20and%20see%20your%20result[/url]

when users use url .That give a result in Microsoft site like



Result is show click here to see result

When user click on that xss payload run its depend on you which type you want like alert , prompt or more harmful for users like steal cookies of users of Microsoft account



More like cookie xss


When I am more research on that I found that its also have click jacking vulnerability then I am use that also with xss now  







I am set new poc and make a site with some button when user come to my site and click on any button I can steal users cookie of Microsoft account with sessions

See how … that’s my site when come




User click on click here button







See what’s behind the click button



In behind a Microsoft site page in a frame by this an attacker can easily capture cookies of users

Thanks…….  Happy hunting

Poc By --  Jitendra Jaiswal

Facebook/desihack
twitter/jeetjaiswal22
Labels:

Comments

Post a Comment

Popular posts from this blog

HC WeB : A Browser for HACKERS...

By
A Browser for HACKERS... Try for Free... Download HC WeB Setup Gallery: Online Penetration Testing Tools Index Information Gathering Whois DNS Location Info Enumeration and Fingerprint Data Mining Search Engines Editors Online Text Editors Share Text Snippets Network Utilities Ping HTTP HTTPS VNC Remote Desktop SSH DNS Sniffers Misc Forensics Frameworks URL Cloaking E-mail Password Cracking Encoders and Decoders Encoders Decoders Malwares Malware Analysis Identify Malicious Websites Suspected Malicious IPs and URLs Application Auditing SQL Injection Cross Site Scripting File Inclusion Anonymity Proxy Others Hackery Open Penetration Testing Bookmarks Collection Hacker Media Blogs, Forums, Magazines and Videos. Methodologies Penetration testing frameworks, standards and methodologies. OSINT Presentations, People, Organizations and Infrastructure.  Exploits and Ad
Post a Comment
Read more

Edward Snowden nominated for Nobel Peace Prize 2014

By
Now there is really great news for all the supporters of Former National Security Agency ( NSA ) contractor Edward Snowden , as he is nominated for the 2014 Nobel Peace Prize by two Norwegian lawmakers. Snorre Valen and Baard Vegar Solhjell , parliamentarians from Norway’s Socialist Left Party said, “ He has contributed to revealing the extreme level of surveillance by nations against other nations and of citizens ,”     Edward Snowden revealed various widely extended NSA spying projects and responsible for handing over the material from one of the world's most secretive organizations the NSA. He faces charges of theft and espionage and is in Russia on temporary asylum. “ Snowden contributed to people knowing about what has happened and spurring public debate ” on trust in government, which he said was “ a fundamental requirement for peace ”. Snorre Valen also added that, “ There’s no doubt that the actions of Edward Snowden may have damaged the securi
Post a Comment
Read more

Facebook Open URL Redirection Vulnerability

By
About 2 week ago, I discovered an open url redirection vulnerability in Facebook that allowed me to have a facebook.com link redirect to any website without restrictions & users  confirmation Description: [#] Title           :  Facebook Open URL Redirection  [#] Status        :  fixed [#] Severity     :  High [#] Works on  :  Any browser with any version [#] Homepage  : www.facebook.com [#] Author       :  Jitendra Jaiswal ( India ) The flaw exists in the way facebook handled the u parameter. Visiting the link below would always redirect to the facebook homepage: http://www.facebook.com/a.php?u=http%3A%2F%2Fjeet.com But I noticed that changing the url to a another url , for example: http://www.facebook.com/a.php?u=http%3A%2F%2Fyahoo.com in that the target destination yahoo.com and it will redirect successfully: http://www.facebook.com/a.php?u=http%3A%2F%2Fyahoo.com Facebook have the ability to filter and ban particular websites from redirect
Post a Comment
Read more