[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CACEGnzHr6xj7GWPfN9dA-CQDpuL9DfKAhY4TYX0_FosH500-jA@mail.gmail.com>
Date: Wed, 25 Jan 2012 12:32:38 -0800
From: Sebastian Rakowski <seb3255@...il.com>
To: adam <adam@...sy.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Faux Anonymous hackers to Facebook: 'We're
not playing'
+1
On 2012-01-25 12:17 PM, "adam" <adam@...sy.net> wrote:
> If we cared, we'd visit that site of our own volition. Secondly, even if
> we were interested: most of the people on these lists are intelligent
> enough not to click on links from spammers. Third, even if the content were
> interesting, even if this were the place for it and even if you hadn't
> spammed: "pay and register" is incentive enough for me *not* to join and *
> not* to ever visit that site again.
>
> Short version: this purpose of this list isn't for you to spam your new
> state-of-the-art website. Instead, it's typically to discuss/disclose
> issues/concepts related to computer/network security. Once in a while,
> there are discussions about the overflowing stupidity that some site
> owners/coders have. For example, people that stupidly (and blindly) inject
> code (e.g. for tracking purposes) into every single file on their site,
> regardless of extension:
>
> http://www.karmacyberintel.net/robots.txt
>
> Another one is blatantly disclosing paths in robots.txt that aren't even
> linked to and would never be found anyway (at least by bots that honor
> robots.txt, which ends up being the exact opposite of the desired effect).
> An example of how/why this can be a problem:
>
> md5sum of tiny_mce.js off your server is 9754385dabfc67c8b6d49ad4acba25c3,
> if we perform a simple Google search - we can determine that you're likely
> running version 3.3.1 of Wordpress. From there, we have enough information
> to perform a targeted attack on your server. Except, we don't need to
> because you've already made it more than easy enough for us.
>
> Pretty much every single field on http://www.karmacyberintel.net/pay/ is
> vulnerable to SQL injection, which could easily allow anyone to completely
> compromise the database and possibly the entire site. On top of that,
> register.php also allows for session fixation attacks, as a result of
> header/cookie manipulation. If that weren't bad enough, the admin section
> for your karma theme is also vulnerable to cross-site scripting.
>
> Not to mention, all the problems with with how you've configured SSL and
> everything else. If you're going to spam, at least make sure the website
> you're spamming has been tested and determined to be *somewhat* secure.
>
>
> On Tue, Jan 24, 2012 at 11:31 PM, karma cyberintel <
> karmacyberintel1@...il.com> wrote:
>
>> *UPDATE* After attacking several government sites to protest
>> controversial US legislation in past weeks, hacktivist group Anonymous is
>> setting its sights on one of the Internet's biggest targets: Facebook. Or
>> maybe not.
>>
>> Sources Form karmacyberintel.net
>>
>> for more details
>>
>>
>> http://www.karmacyberintel.net/2012/01/faux-anonymous-hackers-to-facebook-were-not-playing/
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists