# Exploit Title: eVestigator Real-Time Windows Cyberwall Suite - Reflected XSS # Date: 22/Jul/17 # Exploit Author: deVestigator # Vendor Homepage: https://evestigator.com.au/ # Software Link: N/A # Screenshot: N/A # Version: Unknown # Tested on: N/A # CVE : N/A eVestigator Real-Time Windows Cyberwall Suite - Reflected XSS Version affected: Unknown App Info: "You will also see a massive boost in the speed and efficiency of your website. It has the ability to block out entire countries as well. It is one of the first major defences to prevent Cyberattacks on your organisaton." Credits: deVestigator (@deVestigator) -:: The Advisory ::- The web application is vulnerable to a reflected XSS attack on "/cyberwall.asp" in the "d" GET parameter. This vulnerability allows a potential attacker to steal the cookies of a user to hijack their session or expose personal information. -:: Proof of Concept ::- Accessing the following URL will trigger the reflected XSS attack. https://www.evestigator.com.au/cyberwall.asp?d=%3cscript%3ealert%280%29%3c/script%3e The browser will spawn an alert dialog with the message "0." This demonstrates a successful reflected XSS attack. The attack payload could be changed to steal cookies and send them to a remote domain to steal sessions. No user interaction is required to trigger the XSS attack. -:: Solution ::- User inputs should be escaped when writing web applications. Directly including user input inline with a webpage's HTML makes it vulnerable to XSS attacks. Disclosure Timeline: - 22Jul17: Vendor is informed about advisories. - 22Jul17: Advisory released to the public. === EOF ===