i am a very big fan of Amit Agarwal, he is runs a asia's top technology blog and which counts under top 100 tech blogs over the globe! and when i was new to XSS i keep on injecting parameters to different website's different fields and one day i was just spending my time for reading labnol's articles and looking over his blog i just injected XSS parameter and fortunately it did worked :)
after this i have directly gone to my gmail account and write a mail to Amit, telling about that this XSS Vulnerability and also i just screen-casted a video of that vulnerability. and after couple of days the search box of labnol's search box was been replaced by Google's custom web search box (it is probably the safest one) and i was wating for her reply but he did not even thanked me for finding out that vulnerability :(
screen-casted video:
i think a website that is hacked and defaced before should give some respect to their bug hunters and at-least say "thanks" to them.
after this i have directly gone to my gmail account and write a mail to Amit, telling about that this XSS Vulnerability and also i just screen-casted a video of that vulnerability. and after couple of days the search box of labnol's search box was been replaced by Google's custom web search box (it is probably the safest one) and i was wating for her reply but he did not even thanked me for finding out that vulnerability :(
screen-casted video:
i think a website that is hacked and defaced before should give some respect to their bug hunters and at-least say "thanks" to them.
Post a Comment