[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20030718222018.22489.qmail@singapore.net>
From: morning_wood at singapore.net (Franks and Beans)
Subject: SUMMTERTIME 0d4y POPPYTOP PHP i get out of school YAY
NEW MAIL LIST START! 0D4Y@...isALLiKNOW.COM TO JOIN! YAY!!!
I LUB U MUMMY FOR NEW SERVER! YAY!!!!!!!
------------------------------------------------------------------
- EXPL-A-2003-016 exploitlabs.com Advisory 017
[still, no one tell me what number mean! plz!!!]
------------------------------------------------------------------
-= PoppyTop PHP =-
Donnie Weinerzucker
July 18, 2003
I <3 XSS
Intro:
---------------
I sorry for posting no good before to list, my mommy say i special
and i think i go make every1 happy but they hate me, why!
i just want be elite hacker like mitnick but no one teach me exploit
they say "you learn" but i just want hack nasa .gov sites, and play
with my sub7 and trojans [e-mail me for trade sub7 LEGEND!]
help plzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
ANTHONY AYKRUT! I LOVE UUUUUUUUUUUU!!!!!!!!!!!!!!!!!! MAKE ME BABY!!!
Vunerability(s):
----------------
1. XSS Vulnerability
2. Elite Hacker Stuff
3. Bad Code & Credit Stealing
Product:
--------
PoppyTop PHP script i make for friend
2 people use, me and him. pricate code
But i no code good, no know how to code at all
so i find exploit and now i share 0d4y!!@$!@$
http://exploitlabs.com/files/woods/poppyt-php.zip
Comments:
-------------------
I stupid fat head and have fat face and I only
have sex with my mouse and pet iguana
i coding new program called cornioPLP, it program
let you execute many thing from web. many wholes you
can find in it soon when i upload to me website
If u find wholes and you tell any1 i sue u cuz i can
do that cuz u bad person
Description of product:
-----------------------
"poppytop php program that allows you to edit your main index page
on the fly through get or post to php script"
http://exploitlabs.com/files/woods/poppyt-php.zip
Author: Donnie Werner
Requirements:
Webspace with PHP support.
have been developed over a Apache + PHP
platform running in Windows XP[sum1 give me linux shell plzzz i never use unix be4 i hear u hack on linux]
and have not been fully tested because I don't knwo how code
ummm.. ok hint: it runs on my box along with the backdoor on it
VUNERABILITY / EXPLOIT
======================
Another bad code page editor php script with many flaws...
1. XSS, if u edit u page and put:
"<SCRIPT>alert(document.domain);</SCRIPT><SCRIPT>alert(document.cookie
);</SCRIPT>"
it go show u cookie! HAH why I so elite.
"the JS code is rendered / executed in the the users browser." [i copy
from xss101 cause i no no english]
2. XSS Vunerabilities lay in everything that u change in
main index page. and no authentication so u can hack many
pages [mine and my friend]
3. backdoor on my computer and i hack and i no know how to get rid of
4. I know elite trojan stuff in visual basic
5. I die and should suck
EXPLOIT CODE:
-------
input <script> above and hack everybody!
can sum1 teach me what so big about xss? i make popup but i no
know what to do then, how i do command? like "defaced by l33t h4cker w00d"
why u hate my limp arm
Local:
------
everything remote is local!!!
Remote:
-------
yup we got XSS and stuff via remote
Vendor Fix:
-----------
There is no fix on 0day because I don't know how to code. I make
the script i now make adv for, someone fix it or i sue u for hacking
Vendor Contact:
---------------
Yep, i contacted me self but i realize i faggoty head
Credits:
--------
Donnie Werner (morning_wood@...me4.com)
5685 Eagle Pky #2
Ferndale, Wa 98248
360-312-8011 ~ call me if you want to talk about XSS
SSN# 313-59-7823
I 38 and divorced 1 time [i beat her so she leab me,want see divorce papers?]
but i think i l33t so i hangout with 16 year olds on irc, YAYYYYYYYYYY
visit my sites!
exploitlabs.com (maybe some day i learn more than xss)
nothackers.org (the XSS 0y34r ph34r, "Freedom of voice" till you say something i no like)
and other lame sites that have nothing!
Original advisory may be found at
http://exploitlabs.com/files/advisories/EXPL-A-2003-016-popfe.txt
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Goodbyes;
I make song about XSS, everyone look how elite;
"I love u, u love me, we're a happy family
with a pop up here and pop up there
we make popups but dont know where to go from there"
YAY!!!!!!!! if u copy & put on u site i sue u cuz it copy write
No one contact me from defcon yet, plz defcon! i know xss in obscure scripts
nobody uses, i teach mad l33t stuff!
Greets;
Project cOd, Donnie Weiner, w00w00[i know null technique]
badpack3t(i'm almost as lame as you! nice sploitz!), the cisco kyd, moot bailey,
0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y
0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y
0d4y thinking caps on!
0D4Y EXPLOIT ON FULL DISCLOSURE ~ THEY MAIL YOU PASSWORD BACK IN CLEARTEXT
HAHAHAH HOW LAME THAT IS?!?!@?!@ HAHAHAHHA-ROFLMFAOHAHAHAHHAA
XSS THE PLANET!!!!!! YEAHHH!!!!!!!!!!! LUCY!!!!!
THE END
--
_______________________________________________
Get your free email from http://www.singapore.net
Get US $10 Now: http://www.resource-a-day.com/members2/rsathyamurthy
Powered by Outblaze
Powered by blists - more mailing lists