Inside Paulo Abrantes' head
2006-03-23

Was it an auto-reply?

Created by pabrantes. Last edited by pabrantes, 2 years and 234 days ago. Viewed 995 times. #2
Category:security

After two months, hi5 finally replied to one of my emails. I can't really qualify the kind of email; it ranges from amusing to plain stupid. Maybe they're just joking with me... But it's better to show you the email.

From: "hi5 support" <support@hi5.com>
Subject: Re: XSS vulnerability in hi5
To: "Paulo Abrantes" address removed
Date: Thu, 23 Mar 2006 20:59:34 +0500
User-Agent: Neotonic Trakken/2.13.4

Hello,

Thanks for writing hi5!

Thanks for your suggestions! We love hearing from our members how we can make hi5 even better - our members know best! Currently, this feature is not available on hi5, but we will definitely consider adding it.

Let us know if you have any other ideas, questions or comments.

Sincerely,
Clinton - hi5 Support

Now... let's see if I understood: they will definitely consider adding an XSS vulnerability as a feature… AHHH!! So that's why they aren't fixing the bug that has persisted for 2 months. Ok… It seems they have a similar philosophy to Microsoft: it's not a bug but a feature… oh well.

Since I don't want to leave you out of context, below follows the 1st email I sent to hi5 support, which was the one that got a reply.

From: Paulo Abrantes address removed
Subject: XSS vulnerability in hi5
Date: Sun, 15 Jan 2006 17:38:19 +0000

Hello, I hope I'm writing to the right email address; otherwise please forward this to the hi5 development team.

I'm reporting an XSS problem within your pages. I've successfully managed to inject JavaScript inside an <img> via events, such as onMouseOver or onError. Currently I've set up a proof of concept page inside my profile at:

http://www.hi5.com/friend/profile/displayProfile.do?userid=8563539

It will automatically redirect users to a fake login request and then print the information back to them. NO INFORMATION IS BEING STORED! This is not a hacking attempt on other users' accounts, only a simple proof of concept. More elaborate spoofing, or other kinds of attacks, like infinite loops with alerts to crash the browser, cookie stealing, etc., can be achieved via this method.

I found this problem yesterday when I saw that you are allowing certain HTML tags. I wrote feedback explaining the problem, but today I thought of writing to this email as well.

I've also published this problem on my blog, on the 14th and 15th of January, which can be found at http://pabrantes.dyndns.org/blog/

My best regards,

Paulo Abrantes

I think I'm being explicit that there is a problem, and actually, I'm painting a really drastic scenario so they would do something. But I got that reply… So I guess it was just an auto-reply, but in order not to leave the impression that it was an auto-reply, they delayed the reply... for 2 months.
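The report above describes the classic failure mode of an HTML filter that allowlists tag names (letting `<img>` through) but not attribute names, so event handlers such as onError or onMouseOver ride in on an otherwise permitted tag. The following sanitizer is an added example written for this post; it is not hi5's code and not the author's. The allowlist of tags and attributes, and the sample input, are assumptions constructed here for illustration. The `tag_only` switch reproduces the tag-name-only behaviour the post complains about, so the two outputs can be compared side by side; the default path strips unknown attributes, rejects non-http(s) URLs in `src`/`href`, and records everything it dropped so a defender can log it.

```python
import re
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed allowlist: tag -> attributes permitted on that tag.
# Event-handler attributes (on*) are never listed, so they are always dropped.
ALLOWED = {
    "b": set(), "i": set(), "u": set(), "br": set(), "p": set(),
    "a": {"href"},
    "img": {"src", "alt", "width", "height"},
}
URL_ATTRS = {"href", "src"}
SAFE_SCHEMES = {"http", "https"}
VOID_TAGS = {"br", "img"}       # tags that never get a closing tag


def safe_url(value):
    """Accept relative URLs and http(s) only; reject javascript: and friends.

    Control characters and whitespace are removed first, because browsers
    ignore them inside a scheme ("java\\nscript:" still runs).
    """
    cleaned = re.sub(r"[\x00-\x20]", "", value)
    scheme = urlparse(cleaned).scheme.lower()
    return scheme == "" or scheme in SAFE_SCHEMES


class Sanitizer(HTMLParser):
    """Rebuilds markup from an allowlist; everything else is escaped or dropped."""

    def __init__(self, tag_only=False):
        super().__init__(convert_charrefs=True)
        self.tag_only = tag_only   # True = the weak, tag-name-only filter
        self.out = []
        self.dropped = []          # audit trail: what was removed and why

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED:
            self.dropped.append(("tag", tag))
            return
        kept = []
        for name, value in attrs:
            value = value or ""
            if not self.tag_only:
                if name not in ALLOWED[tag]:          # catches onerror, onmouseover, style, ...
                    self.dropped.append(("attr", f"{tag}@{name}"))
                    continue
                if name in URL_ATTRS and not safe_url(value):
                    self.dropped.append(("url", f"{tag}@{name}"))
                    continue
            kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_endtag(self, tag):
        if tag in ALLOWED and tag not in VOID_TAGS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        # Text is re-escaped, so content of a dropped <script> becomes inert text.
        self.out.append(escape(data))


def sanitize(html_in, tag_only=False):
    """Return (clean_html, dropped_items)."""
    parser = Sanitizer(tag_only=tag_only)
    parser.feed(html_in)
    parser.close()
    return "".join(parser.out), parser.dropped


# Constructed sample: the payload shapes named in the post (event handlers on
# <img> and <a>, a javascript: URL) plus a <script> block.
SAMPLE = (
    '<p>Hi <b>there</b></p>'
    '<img src="x" onerror="alert(1)">'
    '<img src="javascript:alert(2)" alt="pic">'
    '<a href="http://example.com/" onmouseover="alert(3)">link</a>'
    '<script>alert(4)</script>'
)

if __name__ == "__main__":
    weak, _ = sanitize(SAMPLE, tag_only=True)
    strong, dropped = sanitize(SAMPLE)
    print("tag-only filter :", weak)     # onerror / onmouseover survive
    print("attr allowlist  :", strong)   # handlers and javascript: URL gone
    print("dropped         :", dropped)
```

The `dropped` list is the part worth wiring into monitoring: a burst of `img@onerror` or `a@href` rejections from one account is a cheap signal that someone is probing the profile editor, which is exactly the kind of report a support queue should route to engineering rather than answer with a feature-request template.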

My name is Paulo Abrantes AKA pabrantes and I'm a software developer. I'm currently employed at CIIST working as a Java developer in FenixEDU.

This blog is mostly about Java programming, domain driven design and snipsnap bliki developing. Everything written in this blog is my personal opinion and it may not reflect the opinions of my employer and co-workers.
This is a modified version of snipsnap.org created by Paulo Abrantes