lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon, 24 Sep 2007 01:22:26 -0400
From: scott <redhowlingwolves@...lsouth.net>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Greek Web Election System Sucks - Remote File
 Inclusion?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ROFL!

Spanish backdoors exported gold and other valuables in the past!Entire
continents even?



Joey Mengele wrote:
> This comes as no surprise. Most Greek stuff is susceptible to a
> back door style attack. This type of assault has been documented
> throughout modern history. [1]
>
> J
>
> [1] http://www.urbandictionary.com/define.php?term=Greek+Style
>
> On Sat, 22 Sep 2007 20:46:45 -0400 ascii <ascii@...amail.com>
> wrote:
>> George Papandreou wrote:
>>> There is no wonder why in hell Kostas Karamanlis is still our
>> prime minister!
>>>
>> http://www.ekloges.ypes.gr/pages/index.html?http://www.secunia.com
>>
>>>
>> http://www.ekloges.ypes.gr/pages/index.html?../lib/../lib/jslib.js
>>
>>> http://www.ekloges.ypes.gr/pages/index.html?../lib/default.css
>> client side stuff, no rfi here.
>>
>> <script type="text/javascript">
>>
>> function fillFrame() { var a=location.search; a=(a ? a.slice(1) :
>> 'epikratia_map.html');
>> document.getElementById('data_frame').src=a; }
>>
>> </script>
>>
>> this can be used to execute JS using the javascript: handler so
>> it's a security issue
>>
>> http://www.ekloges.ypes.gr/pages/index.html?javascript:alert(%22hel
>> o%22);
>>
>> have you notified the webmaster?
>>
>> bye, Francesco `ascii` Ongaro http://www.ush.it/
>>
>> _______________________________________________ Full-Disclosure -
>> We believe in it. Charter:
>> http://lists.grok.org.uk/full-disclosure-charter.html Hosted and
>> sponsored by Secunia - http://secunia.com/
>
> -- Learn digital and video photography techniques, lighting and
> printing. Click now.
> http://tagline.hushmail.com/fc/Ioyw6h4fQtD75ifHptieNQWWIgly9a5eCstemyzNmIy2Lb1PTeKSRC/
>
>
> _______________________________________________ Full-Disclosure -
> We believe in it. Charter:
> http://lists.grok.org.uk/full-disclosure-charter.html Hosted and
> sponsored by Secunia - http://secunia.com/
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFG90mRsrt057ENXO4RAu3LAKCTxcdPqe7U7BfCJRX5iLieGYSRZgCgurq0
FuAE1RBmr4MjiCnROhqugpU=
=u1Uy
-----END PGP SIGNATURE-----


Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ