From: se_cur_ity at hotmail.com (morning_wood)
Subject: MSN search spoof

morning_wood http://exploitlabs.com 05/30/03

Interesting MSN search spoof at http://arheo.com/ - all links are "mouseover"ed (the page re-pins the browser status bar to http://auto.search.msn.com/ on a timer, so hovering a link never shows its real coolwebsearch.com target), fun excerpts follow..

MICROSOFTS SELLING VIAGRA ( key words here... "micro" "soft" ) guess they dont got wood, heh.

======================= snippage ===============================
<META http-equiv=PICS-Label content='(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l comment "RSACi North America Server" by "inet@...rosoft.com" r (n 0 s 0 v 0 l 0))'><LINK href="sys/en-us_CSS_Classic.css" type=text/css rel=stylesheet> <SCRIPT language=javascript> function sErr(){return true;} window.onerror=sErr; var H_URL_BASE="http://help.msn.com/EN_US";var H_KEY="srch_hme";var L_H_TEXT="For help performing a basic search, click a topic.";var bSearch="TRUE";var H_BURL="helppane.htm";var H_CONFIG="searchv7.ini";var L_H_APP="MSN Search";var notextalert = "Please type the word or words you wish to search for in the Search box.";var contactuserror = "Your request is incomplete or your email address is not valid. 
Both your email address and a description are needed, please complete the required text boxes.";</SCRIPT> <SCRIPT language=javascript src="sys/utils.js" type=text/javascript></SCRIPT> <SCRIPT LANGUAGE="JavaScript"> self.defaultStatus="http://auto.search.msn.com/"; setInterval("window.status='http://auto.search.msn.com/'",2); if (self.location != top.location) { top.location = self.location } self.moveTo(0,0); if ((screen.Width != screen.availWidth) || (screen.Height != screen.availHeight)) { self.resizeTo(screen.availWidth,screen.availHeight)}; function expandingWindow(website) { var heightspeed = 18; // vertical scrolling speed (higher = slower) var widthspeed = 30; // horizontal scrolling speed (higher = slower) var leftdist = 0; // distance to left edge of window var topdist = 0; // distance to top edge of window if (document.all) { var winwidth = window.screen.availWidth+10; // - leftdist; var winheight = window.screen.availHeight - topdist; var sizer = window.open("","","left=" + leftdist + ",top=" + topdist + ",width=1,height=1,scrollbars=yes,toolbar=no"); for (sizeheight = 1; sizeheight < winheight; sizeheight += heightspeed) { sizer.resizeTo("1", sizeheight); } for (sizewidth = 1; sizewidth < winwidth; sizewidth += widthspeed) { sizer.resizeTo(sizewidth, sizeheight); } sizer.location = website; } else window.location = website; } function click() { if (event.button==2) { expandingWindow('http://www.coolwebsearch.com/search.php?aff=1240&qq=viagra' ); return false; } } document.onmousedown=click </SCRIPT> <DIV class=cr>?2003 Microsoft Corporation. 
All rights reserved.</DIV><A class=cr href="http://www.coolwebsearch.com/search.php?aff=1240&qq=Online Gambling">Terms of Use</A> <A class=cr href="http://www.coolwebsearch.com/search.php?aff=1240&qq=Advertising">Adver tise</A> <A class=cr href="http://www.coolwebsearch.com/search.php?aff=1240&qq=Privacy">TRUSTe Approved Privacy Statement</A> <A class=cr href="http://www.coolwebsearch.com/search.php?aff=1240&qq=Entertainment">Get NetWise</A> <SCRIPT language=JavaScript> var g_bShowFlash=false; function g_OTPhasCookie(name){var bHasCookie=false,sCookie=document.cookie,aCookie=sCookie.split(";");for(var i=0;i<aCookie.length;i++){while(aCookie[i].substr(0, 1)==' '){aCookie[i]=aCookie[i].substr(1);}if(aCookie[i].indexOf(name+'=')==0){bHas Cookie=true;break;}}return bHasCookie;} if (navigator.appVersion.indexOf("Win")>=0 && parseFloat(navigator.appVersion.substr(navigator.appVersion.indexOf("MSIE ")+5))>=4 && parseFloat(navigator.appVersion.indexOf("MSN "))==-1) {document.write('<SCR' + 'IPT LANGUAGE=VBScript\> \n');document.write('on error resume next \n');document.write('g_bShowFlash = ( IsObject(CreateObject("ShockwaveFlash.ShockwaveFlash.4")))\n');document.writ e('</SCR' + 'IPT\>');} if(g_bShowFlash == true){if(!g_OTPhasCookie('OTPFRQ')){var expiredate=new Date();expiredate.setHours(expiredate.getHours()+24);document.cookie="OTPFRQ =1; path=/; expires="+expiredate.toGMTString();if(g_OTPhasCookie('OTPFRQ')){document.wri te('<scri' + 'pt language="javascript" src="http://rad.msn.com/ADSAdClient31.dll?GetAd?PG=IMGHIA?PS=111?PI=111?AP=? TF=_blank"></scr' + 'ipt>');}}} </SCRIPT> ==================== end of snippage ======================== http://exploitlabs.com "where finding your holes is job one, and plugging them is twice the fun" ?2003 exploitlabs.com?