NetCraft Site/Banner HTML Insertion Vulnerability

From: Felipe Moniz (felipeat_private)
Date: Fri Nov 23 2001 - 17:46:54 PST


    NetCraft Site/Banner HTML Insertion Problem
    By Felipe Moniz, felipeat_private
    
    Vulnerable site:
    - NetCraft, www.netcraft.com
    - Maybe other sites, running similar programs.
    
    I found a way to insert HTML in the NetCraft examination.
    
    Description:
    
    I put the HTML code <img src="http://www.nstalker.com/logo2.gif"> in
    place of my original web server banner.
    
    Now if someone tries to access the "What's that site running?" option in the
    NetCraft menu and enters 200.184.147.62 to examine, they will see the
    http://www.nstalker.com/logo2.gif image as the web server banner. URL:
    
    http://uptime.netcraft.com/up/graph/?mode_u=off&mode_w=on&site=200.184.147.62&submit=Examine
    
    Any HTML code is accepted, as well as JavaScript, etc.
    
    NetCraft webmaster was informed.
    
    Best Regards,
    
    Felipe Moniz
    felipeat_private
    Network Security Specialist
    Cel: (55 21) 9203-8587
    N-Stalker, Inc.
    Digital Security Intelligence
    http://www.nstalker.com
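
Added example, not part of the original post and not NetCraft's code: a report page that echoes a remote server's banner has to treat that banner as untrusted text. The sketch below puts the unescaped rendering next to an encoded one; the function names, the `<td>` wrapper, the 120-character limit and the Apache banner are assumptions made for illustration.

```python
import html
import re

MAX_BANNER_LEN = 120  # assumed display limit for a banner cell

# Constructed samples: the banner value described in the post, and an ordinary one.
SAMPLE_BANNER = '<img src="http://www.nstalker.com/logo2.gif">'
PLAIN_BANNER = "Apache/1.3.22 (Unix)"

_CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")


def render_banner_unsafe(banner: str) -> str:
    """The 'before': the remote header value is concatenated straight into markup."""
    return "<td>" + banner + "</td>"


def render_banner_safe(banner: str) -> str:
    """Strip control characters, cap the length, then HTML-encode the value."""
    cleaned = _CONTROL_CHARS.sub("", banner)
    if len(cleaned) > MAX_BANNER_LEN:
        cleaned = cleaned[:MAX_BANNER_LEN] + "..."
    # quote=True also encodes " and ', so the value is safe inside attributes too.
    return "<td>" + html.escape(cleaned, quote=True) + "</td>"


def contains_markup(rendered_cell: str) -> bool:
    """Report whether any angle bracket survived inside the wrapping <td> cell."""
    inner = rendered_cell[len("<td>"):-len("</td>")]
    return "<" in inner or ">" in inner


if __name__ == "__main__":
    for banner in (SAMPLE_BANNER, PLAIN_BANNER):
        print("unsafe:", render_banner_unsafe(banner))
        print("safe:  ", render_banner_safe(banner))
```

Encoding at output time keeps the banner visible as literal text in the report, which is usually preferable to filtering tags out of it.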
    



    This archive was generated by hypermail 2b30 : Fri Nov 23 2001 - 18:19:16 PST