| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: booger at unixclan.net (security snot) Subject: SUMMTERTIME 0d4y POPPYTOP PHP i get out of school YAY morning wood is my friend, be warned. ----------------------------------------------------------- "Whitehat by day, booger at night - I'm the security snot." - CISSP / CCNA / A+ Certified - www.unixclan.net/~booger/ - ----------------------------------------------------------- On Sat, 19 Jul 2003, Franks and Beans wrote: > NEW MAIL LIST START! 0D4Y@...isALLiKNOW.COM TO JOIN! YAY!!! > I LUB U MUMMY FOR NEW SERVER! YAY!!!!!!! > > > ------------------------------------------------------------------ > - EXPL-A-2003-016 exploitlabs.com Advisory 017 > [still, no one tell me what number mean! plz!!!] > ------------------------------------------------------------------ > -= PoppyTop PHP =- > > > Donnie Weinerzucker > July 18, 2003 > I <3 XSS > > > Intro: > --------------- > I sorry for posting no good before to list, my mommy say i special > and i think i go make every1 happy but they hate me, why! > i just want be elite hacker like mitnick but no one teach me exploit > they say "you learn" but i just want hack nasa .gov sites, and play > with my sub7 and trojans [e-mail me for trade sub7 LEGEND!] > > help plzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz > > > > ANTHONY AYKRUT! I LOVE UUUUUUUUUUUU!!!!!!!!!!!!!!!!!! MAKE ME BABY!!! > > Vunerability(s): > ---------------- > 1. XSS Vulnerability > 2. Elite Hacker Stuff > 3. Bad Code & Credit Stealing > > > Product: > -------- > PoppyTop PHP script i make for friend > 2 people use, me and him. pricate code > But i no code good, no know how to code at all > so i find exploit and now i share 0d4y!!@$!@$ > > > http://exploitlabs.com/files/woods/poppyt-php.zip > > > > Comments: > ------------------- > I stupid fat head and have fat face and I only > have sex with my mouse and pet iguana > > i coding new program called cornioPLP, it program > let you execute many thing from web. many wholes you > can find in it soon when i upload to me website > If u find wholes and you tell any1 i sue u cuz i can > do that cuz u bad person > > > > Description of product: > ----------------------- > "poppytop php program that allows you to edit your main index page > on the fly through get or post to php script" > http://exploitlabs.com/files/woods/poppyt-php.zip > Author: Donnie Werner > > Requirements: > Webspace with PHP support. > have been developed over a Apache + PHP > platform running in Windows XP[sum1 give me linux shell plzzz i never use unix be4 i hear u hack on linux] > and have not been fully tested because I don't knwo how code > > ummm.. ok hint: it runs on my box along with the backdoor on it > > > > VUNERABILITY / EXPLOIT > ====================== > Another bad code page editor php script with many flaws... > > > 1. XSS, if u edit u page and put: > > "<SCRIPT>alert(document.domain);</SCRIPT><SCRIPT>alert(document.cookie > );</SCRIPT>" > > it go show u cookie! HAH why I so elite. > "the JS code is rendered / executed in the the users browser." [i copy > from xss101 cause i no no english] > > 2. XSS Vunerabilities lay in everything that u change in > main index page. and no authentication so u can hack many > pages [mine and my friend] > > 3. backdoor on my computer and i hack and i no know how to get rid of > > 4. I know elite trojan stuff in visual basic > > 5. I die and should suck > > > > EXPLOIT CODE: > ------- > input <script> above and hack everybody! > > can sum1 teach me what so big about xss? i make popup but i no > know what to do then, how i do command? like "defaced by l33t h4cker w00d" > > why u hate my limp arm > > > Local: > ------ > everything remote is local!!! > > Remote: > ------- > yup we got XSS and stuff via remote > > > Vendor Fix: > ----------- > There is no fix on 0day because I don't know how to code. I make > the script i now make adv for, someone fix it or i sue u for hacking > > > Vendor Contact: > --------------- > Yep, i contacted me self but i realize i faggoty head > > > Credits: > -------- > > Donnie Werner (morning_wood@...me4.com) > 5685 Eagle Pky #2 > Ferndale, Wa 98248 > 360-312-8011 ~ call me if you want to talk about XSS > SSN# 313-59-7823 > > I 38 and divorced 1 time [i beat her so she leab me,want see divorce papers?] > but i think i l33t so i hangout with 16 year olds on irc, YAYYYYYYYYYY > > visit my sites! > exploitlabs.com (maybe some day i learn more than xss) > nothackers.org (the XSS 0y34r ph34r, "Freedom of voice" till you say something i no like) > and other lame sites that have nothing! > > Original advisory may be found at > http://exploitlabs.com/files/advisories/EXPL-A-2003-016-popfe.txt > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Goodbyes; > > I make song about XSS, everyone look how elite; > > > "I love u, u love me, we're a happy family > with a pop up here and pop up there > we make popups but dont know where to go from there" > > > YAY!!!!!!!! if u copy & put on u site i sue u cuz it copy write > > No one contact me from defcon yet, plz defcon! i know xss in obscure scripts > nobody uses, i teach mad l33t stuff! > > > > Greets; > > Project cOd, Donnie Weiner, w00w00[i know null technique] > badpack3t(i'm almost as lame as you! nice sploitz!), the cisco kyd, moot bailey, > > > > 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y > 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y > 0d4y thinking caps on! > > 0D4Y EXPLOIT ON FULL DISCLOSURE ~ THEY MAIL YOU PASSWORD BACK IN CLEARTEXT > HAHAHAH HOW LAME THAT IS?!?!@?!@ HAHAHAHHA-ROFLMFAOHAHAHAHHAA > > > XSS THE PLANET!!!!!! YEAHHH!!!!!!!!!!! LUCY!!!!! > > THE END > -- > _______________________________________________ > Get your free email from http://www.singapore.net > Get US $10 Now: http://www.resource-a-day.com/members2/rsathyamurthy > > Powered by Outblaze > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html >
Powered by blists - more mailing lists