lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed Dec  7 22:26:21 2005
From: c0ntexb at gmail.com (c0ntex)
Subject: Re: Google is vulnerable from XSS attack

Excuse me, I clicked send too soon....

As I was saying.... You found a bug, and thats great, well done,
congratulations.

However, at the end of the day that is all it is. A bug, write it off
and end the thread, you have not found the holy grail, you have not
discovered the akashic records on this plane, rather you just found a
silly, yet valid bug in a random web site. Remember that monkeys can
be trained to click a mouse button and paste a 20 letter string in to
a URL.

On 07/12/05, ad@...poverflow.com <ad@...poverflow.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> where is your heap overflow ?? (XSS easy targets) ;>
>
> n3td3v wrote:
> > Hackers own Google while vulnerabilities remain unpatched. Once they
> > patch a vulnerability, they can own me again! Until then... Google is
> > in the hands of hackers.
> >
> > Since you're having a stab at me. Wheres your Google and Yahoo
> > vulnerabilities? Naw, you don't have any. You prefer to go looking for
> > your SQL injections and cross site scripting in web sites no one has
> > ever heard of or cared about before (easy targets).
> >
> > As the score goes, how many high profile brand names have you found
> > vulnerabilities for?
> >
> > Fancy having a hacking challenge for finding vulnerabilities in major dot-com's?
> >
> > Lets do it!
> >
> > On 12/7/05, Morning Wood <se_cur_ity@...mail.com> wrote:
> >
> >>who owns you? hint: Google ( they own the world )
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
> >
> >
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2 (MingW32)
>
> iQIVAwUBQ5dYr6+LRXunxpxfAQImGRAAj0gfdT3D3Y5XS5H4iIDujA3l8fCXah0F
> vOxvmPWSFgIvicoNTITrX/MNCqnFXhR5tpbk3m4gUsfb+i4VHoEiNy/GcT3XB2VY
> ZDSqA3lso3kNH9g+LrVMkI9TnLLKJxicbiJRNFusCQcKECDivipuU/hdMiWM/M2j
> h+Uh9bCrl5cWFRcsj8WZDeOZu2jtR4lsh96zdkZAQ+IT9M+auwRAoi9KUvcVuyCO
> 8zoFPmLUsecMU0fc7IeTtODZrhgR9IDQ0kqfRGJpuyR97du7TZrFs+yqzgMn9C2E
> AU+5b3B51Mi62yGpAvXf89nboMoNOoHNdsd2XhuY36VtRoNeuv0PGDIpB5uxlq+v
> OezZ9JcBeWYzxXvwlLB4rSlcsN77uR9DoPvx/bCHQLXd2O/1w01/D5PZw3VUHvxJ
> p7v1FRPBGshqG53RkATbZFKwCyZebYTWbY4E/8hOne1m+wH9hZEk6TVfKwtOmFwE
> /z5vO2jgULeTTKMOrDWQyaiRRC2Kz5iN7BLTBLOVU2nWTPkY2l06dQoo9xXQ/fnS
> MmIyzIYbA+Yc17rddxuRM3TCJ7OBbETQkuOBIFNlTRg2UwnzXskAhxD2H9Qyc9hu
> CPWTQ6IEbB6jMTP18WChzYr5yk475bYLxghdIktvMteCgAB1Q0FxL/bhuVRf8Ipv
> v4guvZNJVhs=
> =wspa
> -----END PGP SIGNATURE-----
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>


--

regards
c0ntex

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ