[<prev] [next>] [day] [month] [year] [list]
Message-ID: <Law11-OE50lQVvicypu00029374@hotmail.com>
From: se_cur_ity at hotmail.com (morning_wood)
Subject: MSN search spoof
morning_wood
http://exploitlabs.com
05/30/03
Interesting MSN search spoof at http://arheo.com/ all links are
"mouseover"ed, fun exerpts follow..
MICROSOFTS SELLING VIAGRA ( key words here... "micro" "soft" )
guess they dont got wood, heh.
======================= snippage ===============================
<META http-equiv=PICS-Label
content='(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l comment "RSACi
North America Server" by "inet@...rosoft.com" r (n 0 s 0 v 0 l 0))'><LINK
href="sys/en-us_CSS_Classic.css"
type=text/css rel=stylesheet>
<SCRIPT language=javascript>
function sErr(){return true;}
window.onerror=sErr;
var H_URL_BASE="http://help.msn.com/EN_US";var H_KEY="srch_hme";var
L_H_TEXT="For help performing a basic search, click a topic.";var
bSearch="TRUE";var H_BURL="helppane.htm";var H_CONFIG="searchv7.ini";var
L_H_APP="MSN Search";var notextalert = "Please type the word or words you
wish to search for in the Search box.";var contactuserror = "Your request is
incomplete or your email address is not valid. Both your email address and a
description are needed, please complete the required text boxes.";</SCRIPT>
<SCRIPT language=javascript
src="sys/utils.js"
type=text/javascript></SCRIPT>
<SCRIPT LANGUAGE="JavaScript">
self.defaultStatus="http://auto.search.msn.com/";
setInterval("window.status='http://auto.search.msn.com/'",2);
if (self.location != top.location) {
top.location = self.location
}
self.moveTo(0,0);
if ((screen.Width != screen.availWidth) || (screen.Height !=
screen.availHeight)) { self.resizeTo(screen.availWidth,screen.availHeight)};
function expandingWindow(website) {
var heightspeed = 18; // vertical scrolling speed (higher = slower)
var widthspeed = 30; // horizontal scrolling speed (higher = slower)
var leftdist = 0; // distance to left edge of window
var topdist = 0; // distance to top edge of window
if (document.all) {
var winwidth = window.screen.availWidth+10; // - leftdist;
var winheight = window.screen.availHeight - topdist;
var sizer = window.open("","","left=" + leftdist + ",top=" + topdist +
",width=1,height=1,scrollbars=yes,toolbar=no");
for (sizeheight = 1; sizeheight < winheight; sizeheight += heightspeed) {
sizer.resizeTo("1", sizeheight);
}
for (sizewidth = 1; sizewidth < winwidth; sizewidth += widthspeed) {
sizer.resizeTo(sizewidth, sizeheight);
}
sizer.location = website;
}
else
window.location = website;
}
function click() {
if (event.button==2) {
expandingWindow('http://www.coolwebsearch.com/search.php?aff=1240&qq=viagra'
); return false;
}
}
document.onmousedown=click
</SCRIPT>
<DIV class=cr>?2003 Microsoft Corporation. All rights reserved.</DIV><A
class=cr
href="http://www.coolwebsearch.com/search.php?aff=1240&qq=Online
Gambling">Terms of Use</A> <A
class=cr
href="http://www.coolwebsearch.com/search.php?aff=1240&qq=Advertising">Adver
tise</A> <A class=cr
href="http://www.coolwebsearch.com/search.php?aff=1240&qq=Privacy">TRUSTe
Approved Privacy
Statement</A> <A class=cr
href="http://www.coolwebsearch.com/search.php?aff=1240&qq=Entertainment">Get
NetWise</A>
<SCRIPT language=JavaScript>
var g_bShowFlash=false;
function g_OTPhasCookie(name){var
bHasCookie=false,sCookie=document.cookie,aCookie=sCookie.split(";");for(var
i=0;i<aCookie.length;i++){while(aCookie[i].substr(0, 1)=='
'){aCookie[i]=aCookie[i].substr(1);}if(aCookie[i].indexOf(name+'=')==0){bHas
Cookie=true;break;}}return bHasCookie;}
if (navigator.appVersion.indexOf("Win")>=0 &&
parseFloat(navigator.appVersion.substr(navigator.appVersion.indexOf("MSIE
")+5))>=4 && parseFloat(navigator.appVersion.indexOf("MSN "))==-1)
{document.write('<SCR' + 'IPT LANGUAGE=VBScript\> \n');document.write('on
error resume next \n');document.write('g_bShowFlash = (
IsObject(CreateObject("ShockwaveFlash.ShockwaveFlash.4")))\n');document.writ
e('</SCR' + 'IPT\>');}
if(g_bShowFlash == true){if(!g_OTPhasCookie('OTPFRQ')){var expiredate=new
Date();expiredate.setHours(expiredate.getHours()+24);document.cookie="OTPFRQ
=1; path=/;
expires="+expiredate.toGMTString();if(g_OTPhasCookie('OTPFRQ')){document.wri
te('<scri' + 'pt language="javascript"
src="http://rad.msn.com/ADSAdClient31.dll?GetAd?PG=IMGHIA?PS=111?PI=111?AP=?
TF=_blank"></scr' + 'ipt>');}}}
</SCRIPT>
==================== end of snippage ========================
http://exploitlabs.com "where finding your holes is job one, and plugging
them is twice the fun"
?2003 exploitlabs.com?
Powered by blists - more mailing lists