Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:15567
HistoryJan 03, 2007 - 12:00 a.m.

Re: Unpatchable Quicktime XSS

2007-01-0300:00:00
vulners.com
7
JSON

New MySpace XSS by Mx http://mxcore.com for more info

What you need:
Adobe Acrobat Professional (7.0 works)
A server to host the PDF in

  1. Open up Adobe Acrobat Professional.
  2. File > Create PDF > I did From File, but you can do whatever you want.
    This step explains itself pretty much.
  3. You now have a new PDF file. Now what do you do? Simple. Click the
    "Pages" tab on the left side.
  4. You will now see a thumbnail view of all the pages in your new PDF file
    (usually it's just one page).
  5. Right click on that thumbnail and select "Page PropertieS"
  6. Click on the 'Actions' tab.
    **7. For "Select Trigger" choose "Page Open"
    **8. For "Select Action" choose "Open a web link".
  7. Now click the "Add" button below.
  8. Enter the URL you'd like to redirect to in the pop up box.
  9. Save the PDF file (Ctrl + S, or File > Save)
  10. Host it on any page.
  11. Embed using the following code:
    <embed src="http://linktoyour.pdf">

Finished!

Congrats! :p

** Marks that the step can be modified to fit your needs by selecting a
different option. In other words, it means you can mess around with that
step.

JSON