Sunday, November 20, 2011

XSS through javascript injection in Speed-Bit Search Engine

There is a XSS through JavaScript Injection vulnerability in the Home page of Speed Bit Search Engine.

http://search.speedbit.com/

In Media:
The Hackers News:
http://www.thehackernews.com/2011/11/cross-site-scripting-vulnerability-in.html
Softpedia News:
http://news.softpedia.com/news/Indian-Hacker-Finds-Vulnerability-in-Speed-Bit-Search-Engine-233645.shtml

Technical Description of this Issue:
The XXS filter is filtering normal html /script /iframe tags but XXS can be achieved by injecting JavaScript event "onmouseover()".

Proof of concept:
To exploit this vulnerabilty follwthis steps:

1) Visit this URL

http://search.speedbit.com/?aff=grbr" onmousemove="alert(document.cookie)



2) Bring mouse cursor over the hyperlink shown in the attached POC! and you should see a POP up box showing the browser cookies.


The search engine might not be as popular as Google, but a large number of users could be affected if a black hat would profit from the flaw.