Curse

pablo24 · May 05, 2008, 05:16 PM // 17:16

https://secure.plaync.com/cgi-bin/plaync_login.pl

That's kinda stupid the only serious XSS flaw I found on their site was right on the login page.

Gogo fix it!

Knew this for a while but I figured I'd post because I saw this thread http://www.guildwarsguru.com/forum/s...php?t=10047808.

Btw don't be ashamed plaync... blizzard got the same problem on their e-card site and it still hasn't been fixed even though I reported it like a year ago. =)

Edit: Fixed first link to work for most browsers.

Edit2: Yay it's fixed!

Kashrlyyk · May 05, 2008, 05:38 PM // 17:38

What? What? What?

pablo24 · May 05, 2008, 05:39 PM // 17:39

Quote:

Originally Posted by Kashrlyyk

What? What? What?

Click the linky

Kashrlyyk · May 05, 2008, 05:42 PM // 17:42

Quote:

Originally Posted by pablo24

Click the linky

Did that, one leads me to this thread and the other to the PlayNC login. So what should I see there?

Aba · May 05, 2008, 05:45 PM // 17:45

point??? dont know whats goin on.....

pablo24 · May 05, 2008, 05:46 PM // 17:46

Quote:

Originally Posted by Kashrlyyk

Did that, one leads me to this thread and the other to the PlayNC login. So what should I see there?

I only tested it on firefox, you are probably using IE? Sec lemme fix the link to work for IE too.

Kashrlyyk · May 05, 2008, 05:48 PM // 17:48

Quote:

Originally Posted by pablo24

I only tested it on firefox, you are probably using IE? Sec lemme fix the link to work for IE too.

Opera 9.26

Probably using IE? Should I feel insulted?

12 chars

pablo24 · May 05, 2008, 05:49 PM // 17:49

Ok, edited the first link to work for most browsers.

Kusandaa · May 05, 2008, 05:49 PM // 17:49

The only thing I see that's weird on the first is the series is %20 (spaces) and some other %## I don't remember ATM...

The other link goes right back at this thread.

Can you explain the whole problem though? Is it a security flaw or something?

EDIT: clicked on the link above... wtf... O_o;;...

EDIT2: Using FireFox ATM.

Witchblade · May 05, 2008, 05:50 PM // 17:50

<-- Noob,
What's going on ? ^^

Aba · May 05, 2008, 05:52 PM // 17:52

Im still wondering myself.
used firefox,still clueless.....

Is this what your pointing too????

Quote:

Existing Customer
WHY?! Why does PlayNC have an XSS flaw right on their login page?

Alexandra-Sweet · May 05, 2008, 05:52 PM // 17:52

In short, pablo24 found yet another exploit in PlayNC/Guild Wars that PlayNC/Arena Net can't be arsed to fix.

Rift · May 05, 2008, 05:54 PM // 17:54

The security flaw is that their script will echo the html/javascript directly into your browser.

With this, a malicious user could steal a session from a user, or, as in the first example, redirect the unsuspecting user to another webpage in the context of the plaync website (phishing)

Why? Because sadly even web developers these days fail to understand the severity of such an attack.

Kusandaa · May 05, 2008, 05:57 PM // 17:57

Quote:

Originally Posted by Rift

The security flaw is that their script will echo the html/javascript directly into your browser.

With this, a malicious user could steal a session from a user, or, as in the first example, redirect the unsuspecting user to another webpage in the context of the plaync website (phishing)

Why? Because sadly even web developers these days fail to understand the severity of such an attack.

Thanks for giving me an explanation I can actually understand

Could that be where the possible hacker got his info from? Regarding the hacked accounts thread thingy... I say it's possible >_>.

Kashrlyyk · May 05, 2008, 05:57 PM // 17:57

Quote:

Originally Posted by pablo24

Way less obfuscated, but this should work for most browsers:
https://secure.plaync.com/cgi-bin/plaync_login.pl

Thanks that worked!

Sleeper Service · May 05, 2008, 05:59 PM // 17:59

the normal site is secured and the fake not.
but yeah someone could use that to steal login and pass....ironic no?

Malice Black · May 05, 2008, 06:00 PM // 18:00

Less geek, more street?

pablo24 · May 05, 2008, 06:01 PM // 18:01

Quote:

Originally Posted by Sleeper Service

the normal site is secured and the fake not.
but yeah someone could use that to steal login and pass....ironic no?

With some tweaking the modified site would be secure too.

Kusandaa · May 05, 2008, 06:01 PM // 18:01

Quote:

Originally Posted by Sleeper Service

the normal site is secured and the fake not.
but yeah someone could use that to steal login and pass....ironic no?

Actually if I understood correctly, the REAL site (the https: / / ) one IS flawed... flawed so much someone can redirect to that object that totally creeped me out (wasn't expecting it at all and my speakers were loud x];;; )

But I could be wrong. I'm no expert.

slowerpoke · May 05, 2008, 06:03 PM // 18:03

if this is an expolit you should prolly report it to them and not advertise it here