lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <44D27EF7.6050004@f-box.org>
Date: Fri, 04 Aug 2006 00:55:51 +0200
From: Dan B <dan-fd@...ox.org>
To: codeslag <codeslag@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: XSS funtime

Hey,

codeslag wrote:
> http://disabilitydatabase.mla.gov.uk/index.asp?startrow=1&action=search&Keywords=%3Cimg%20src=%22http://0xdeadface.co.uk/richard.jpg%22/%3E
> <http://disabilitydatabase.mla.gov.uk/index.asp?startrow=1&action=search&Keywords=%3Cimg%20src=%22http://0xdeadface.co.uk/richard.jpg%22/%3E>
> http://www.audit-commission.gov.uk/search/search_result.asp?txtSearchKeywords=%3Cimg%20src=%22http://0xdeadface.co.uk/richard.jpg%22/%3E
> <http://www.audit-commission.gov.uk/search/search_result.asp?txtSearchKeywords=%3Cimg%20src=%22http://0xdeadface.co.uk/richard.jpg%22/%3E>
> http://www.salford.gov.uk/search.htm?col=justhtml&qt=%3Cimg%20src=%22http://0xdeadface.co.uk/richard.jpg%22/%3E3E
> <http://www.salford.gov.uk/search.htm?col=justhtml&qt=%3Cimg%20src=%22http://0xdeadface.co.uk/richard.jpg%22/%3E3E>
> http://www.ealing.gov.uk/search.jsp?query=%3Cimg+src%3D%22http%3A%2F%2F0xdeadface.co.uk%2Frichard.jpg%22%2F%3E&goButton=Search&index=all
> <http://www.ealing.gov.uk/search.jsp?query=%3Cimg+src%3D%22http%3A%2F%2F0xdeadface.co.uk%2Frichard.jpg%22%2F%3E&goButton=Search&index=all>
> http://www.successforall.gov.uk/index.cfm?pg=61&q=%3Cimg%20src=%22http://0xdeadface.co.uk/richard.jpg%22/%3E
> <http://www.successforall.gov.uk/index.cfm?pg=61&q=%3Cimg%20src=%22http://0xdeadface.co.uk/richard.jpg%22/%3E>
>
I notice they are all .uk sites, by any chance are you a resident of the
fair UK?

> Does this mean I win the XSS contest? After all i have h4><0r3d t3h
> g1bs0n!!111111
I didn't realise there was a contest!

And which is the Gibson? ;)

>
> hugs & kisses dyn0/codeslag
Umm maybe! ... Not! LoL.

Cheers,
DanB UK.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ