[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.50L0.0307191145170.30598-100000@cia.zemos.net>
From: booger at unixclan.net (security snot)
Subject: SUMMTERTIME 0d4y POPPYTOP PHP i get out of
school YAY
morning wood is my friend, be warned.
-----------------------------------------------------------
"Whitehat by day, booger at night - I'm the security snot."
- CISSP / CCNA / A+ Certified - www.unixclan.net/~booger/ -
-----------------------------------------------------------
On Sat, 19 Jul 2003, Franks and Beans wrote:
> NEW MAIL LIST START! 0D4Y@...isALLiKNOW.COM TO JOIN! YAY!!!
> I LUB U MUMMY FOR NEW SERVER! YAY!!!!!!!
>
>
> ------------------------------------------------------------------
> - EXPL-A-2003-016 exploitlabs.com Advisory 017
> [still, no one tell me what number mean! plz!!!]
> ------------------------------------------------------------------
> -= PoppyTop PHP =-
>
>
> Donnie Weinerzucker
> July 18, 2003
> I <3 XSS
>
>
> Intro:
> ---------------
> I sorry for posting no good before to list, my mommy say i special
> and i think i go make every1 happy but they hate me, why!
> i just want be elite hacker like mitnick but no one teach me exploit
> they say "you learn" but i just want hack nasa .gov sites, and play
> with my sub7 and trojans [e-mail me for trade sub7 LEGEND!]
>
> help plzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
>
>
>
> ANTHONY AYKRUT! I LOVE UUUUUUUUUUUU!!!!!!!!!!!!!!!!!! MAKE ME BABY!!!
>
> Vunerability(s):
> ----------------
> 1. XSS Vulnerability
> 2. Elite Hacker Stuff
> 3. Bad Code & Credit Stealing
>
>
> Product:
> --------
> PoppyTop PHP script i make for friend
> 2 people use, me and him. pricate code
> But i no code good, no know how to code at all
> so i find exploit and now i share 0d4y!!@$!@$
>
>
> http://exploitlabs.com/files/woods/poppyt-php.zip
>
>
>
> Comments:
> -------------------
> I stupid fat head and have fat face and I only
> have sex with my mouse and pet iguana
>
> i coding new program called cornioPLP, it program
> let you execute many thing from web. many wholes you
> can find in it soon when i upload to me website
> If u find wholes and you tell any1 i sue u cuz i can
> do that cuz u bad person
>
>
>
> Description of product:
> -----------------------
> "poppytop php program that allows you to edit your main index page
> on the fly through get or post to php script"
> http://exploitlabs.com/files/woods/poppyt-php.zip
> Author: Donnie Werner
>
> Requirements:
> Webspace with PHP support.
> have been developed over a Apache + PHP
> platform running in Windows XP[sum1 give me linux shell plzzz i never use unix be4 i hear u hack on linux]
> and have not been fully tested because I don't knwo how code
>
> ummm.. ok hint: it runs on my box along with the backdoor on it
>
>
>
> VUNERABILITY / EXPLOIT
> ======================
> Another bad code page editor php script with many flaws...
>
>
> 1. XSS, if u edit u page and put:
>
> "<SCRIPT>alert(document.domain);</SCRIPT><SCRIPT>alert(document.cookie
> );</SCRIPT>"
>
> it go show u cookie! HAH why I so elite.
> "the JS code is rendered / executed in the the users browser." [i copy
> from xss101 cause i no no english]
>
> 2. XSS Vunerabilities lay in everything that u change in
> main index page. and no authentication so u can hack many
> pages [mine and my friend]
>
> 3. backdoor on my computer and i hack and i no know how to get rid of
>
> 4. I know elite trojan stuff in visual basic
>
> 5. I die and should suck
>
>
>
> EXPLOIT CODE:
> -------
> input <script> above and hack everybody!
>
> can sum1 teach me what so big about xss? i make popup but i no
> know what to do then, how i do command? like "defaced by l33t h4cker w00d"
>
> why u hate my limp arm
>
>
> Local:
> ------
> everything remote is local!!!
>
> Remote:
> -------
> yup we got XSS and stuff via remote
>
>
> Vendor Fix:
> -----------
> There is no fix on 0day because I don't know how to code. I make
> the script i now make adv for, someone fix it or i sue u for hacking
>
>
> Vendor Contact:
> ---------------
> Yep, i contacted me self but i realize i faggoty head
>
>
> Credits:
> --------
>
> Donnie Werner (morning_wood@...me4.com)
> 5685 Eagle Pky #2
> Ferndale, Wa 98248
> 360-312-8011 ~ call me if you want to talk about XSS
> SSN# 313-59-7823
>
> I 38 and divorced 1 time [i beat her so she leab me,want see divorce papers?]
> but i think i l33t so i hangout with 16 year olds on irc, YAYYYYYYYYYY
>
> visit my sites!
> exploitlabs.com (maybe some day i learn more than xss)
> nothackers.org (the XSS 0y34r ph34r, "Freedom of voice" till you say something i no like)
> and other lame sites that have nothing!
>
> Original advisory may be found at
> http://exploitlabs.com/files/advisories/EXPL-A-2003-016-popfe.txt
>
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Goodbyes;
>
> I make song about XSS, everyone look how elite;
>
>
> "I love u, u love me, we're a happy family
> with a pop up here and pop up there
> we make popups but dont know where to go from there"
>
>
> YAY!!!!!!!! if u copy & put on u site i sue u cuz it copy write
>
> No one contact me from defcon yet, plz defcon! i know xss in obscure scripts
> nobody uses, i teach mad l33t stuff!
>
>
>
> Greets;
>
> Project cOd, Donnie Weiner, w00w00[i know null technique]
> badpack3t(i'm almost as lame as you! nice sploitz!), the cisco kyd, moot bailey,
>
>
>
> 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y
> 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y 0D4Y
> 0d4y thinking caps on!
>
> 0D4Y EXPLOIT ON FULL DISCLOSURE ~ THEY MAIL YOU PASSWORD BACK IN CLEARTEXT
> HAHAHAH HOW LAME THAT IS?!?!@?!@ HAHAHAHHA-ROFLMFAOHAHAHAHHAA
>
>
> XSS THE PLANET!!!!!! YEAHHH!!!!!!!!!!! LUCY!!!!!
>
> THE END
> --
> _______________________________________________
> Get your free email from http://www.singapore.net
> Get US $10 Now: http://www.resource-a-day.com/members2/rsathyamurthy
>
> Powered by Outblaze
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
Powered by blists - more mailing lists