[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <AANLkTim=pZynPtcamK19TMvGWZN7uDX=KwXfg=1PsGpY@mail.gmail.com>
Date: Fri, 1 Apr 2011 09:37:36 +0100
From: Benji <me@...ji.com>
To: matador matador <m4t4d00r@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: itunes.apple.com owned by webapp malicious
host
Is that a yes or a no?
On 4/1/11, matador matador <m4t4d00r@...il.com> wrote:
> I am 15 years old :)
>
> 2011/4/1 Benji <me@...ji.com>
>
>> No they don't. All your link implies is that either a) someone
>> compromised the itunes account associated with that band and added the
>> script, or b) it was injected into place.
>>
>> However at no point is the javascript executed.
>>
>> Sigh, do you have a CSSIP aswell?
>>
>> On 4/1/11, matador matador <m4t4d00r@...il.com> wrote:
>> > Seems that Websense agree with me...
>> >
>> >
>> http://community.websense.com/blogs/securitylabs/archive/2011/03/29/lizamoon-mass-injection-28000-urls-including-itunes.aspx
>> >
>> > ... or better they copy and paste my trivial link ... LOL! :)))
>> >
>> > 2011/3/29 Cal Leeming <cal@...whisper.co.uk>
>> >
>> >> Unconfirmed, seems to escape fine for me.
>> >>
>> >> On Tue, Mar 29, 2011 at 3:22 PM, matador matador
>> >> <m4t4d00r@...il.com>wrote:
>> >>
>> >>> Enjoy! :)
>> >>>
>> >>> http://www.google.com/search?q=lizamoon.com+site%3Aapple.com
>> >>>
>> >>> _______________________________________________
>> >>> Full-Disclosure - We believe in it.
>> >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> >>> Hosted and sponsored by Secunia - http://secunia.com/
>> >>>
>> >>
>> >>
>> >
>>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists