I am still Fugitif and now I want to show you how can work one vulnerable
XSS Alert Bug on Ebay.com.
 To be more precise our link now is http://togo.ebay.com

 Ok..My XSS alert can be found here  http://togo.ebay.com/affiliates/create/

 [img]http://funkyimg.com/u/20862ebay_1JPG.jpg[/img]

  I go to select one version and I crush above

 [img]http://funkyimg.com/u/89922ebay_2JPG.jpg[/img]

  and immediately later click  "I WANT THIS ONE"


 In the square where asks FOR "ID" I put some string  like this
"><script>alert(document.cookie)</script>

( or nothing we go directly on the "Browse" )

  [img]http://funkyimg.com/u/82647ebay_3JPG.jpg[/img]

 and click "Browse"

 [img]http://funkyimg.com/u/36366ebay_4JPG.jpg[/img]


 Now we cannot do anything else other than to use the search with our magic
string

"><script>alert(document.cookie)</script>

 Result ? !

 [img]http://funkyimg.com/u/95003ebay_5JPG.jpg[/img]


That's all  (sorry another time for the screen, coz only so I can have
shown)


/Fugitif   t3am3lit3@gmail.com  http://nemesis.te-home.net