|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Felipe Moniz (felipe
nstalker.com)Date: Fri Nov 23 2001 - 19:46:54 CST
NetCraft Site/Banner HTML Insertion Problem
By Felipe Moniz, felipenstalker.com
Vulnerable site:
- NetCraft, www.netcraft.com
- Maybe other sites, running similar programs.
I found a way to insert html in the NetCraft examination.
Description:
I put the html code <img src="http://www.nstalker.com/logo2.gif"> on the
place of my original web server banner.
Now if someone try to access the "What's that site running?" option in the
NetCraft menu, and put to examine 200.184.147.62, will see
http://www.nstalker.com/logo2.gif image as the web server banner. URL:
http://uptime.netcraft.com/up/graph/?mode_u=off&mode_w=on&site=200.184.147.6
2&submit=Examine
Any html code is accepted, as well as javascript, and etc.
NetCraft webmaster was informed.
Best Regards,
Felipe Moniz
felipenstalker.com
Network Security Specialist
Cel: (55 21) 9203-8587
N-Stalker, Inc.
Digital Security Intelligence
http://www.nstalker.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]