Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
For any nonsense or banter that doesn't fit anywhere else. LoL! omg! ROFL! 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
What do you get for writing an XSS worm?
Posted by: Kyo
Date: May 02, 2008 04:19PM

I'm just wondering what happens to those who do so, write an XSS worm for some site of website like myspace and it spreads rather quickly. But what usually happens afterwards? Did anyone ever get sued or even land in prison for writing an XSS worm?
I guess it depends on whether the worm is actually harmless or not, huh?

Options: ReplyQuote
Re: What do you get for writing an XSS worm?
Posted by: Kyran
Date: May 02, 2008 04:53PM

I've personally never even been contacted, but there are extreme cases like Samy. It really depends on who is taking care of your 'case', the mood of the random guy in charge of those sorts of things at the 'attacked' company, etc.
Basically, it's risky to say the least but you can also get away totally free as well.

- Kyran

Options: ReplyQuote
Re: What do you get for writing an XSS worm?
Posted by: tx
Date: May 02, 2008 04:53PM

samy

EDIT: Kyran's quick, what he said ^^. I'll keep the link there cause it's an entertaining read anyway.

-tx @ lowtech-labs.org



Edited 2 time(s). Last edit at 05/02/2008 05:28PM by tx.

Options: ReplyQuote
Re: What do you get for writing an XSS worm?
Posted by: Kyo
Date: May 02, 2008 05:06PM

Oh, I know about Samy. I just wanted to know what happens to your average worm...

Options: ReplyQuote
Re: What do you get for writing an XSS worm?
Posted by: thornmaker
Date: May 02, 2008 10:52PM

on the other extreme, you might find yourself with a new job offer

Options: ReplyQuote
Re: What do you get for writing an XSS worm?
Posted by: Kyo
Date: May 03, 2008 02:24AM

That has actually happened to me before. Well it wasn't a real job, just some crappy online game offering me to be admin.

Options: ReplyQuote
Re: What do you get for writing an XSS worm?
Posted by: sirdarckcat
Date: May 04, 2008 10:44PM

Jobs happen..

--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat

Options: ReplyQuote
Re: What do you get for writing an XSS worm?
Posted by: kuza55
Date: May 05, 2008 12:07AM

You shit yourself because you're only 14 and you found some bullshit terms of use saying they'd prosecute hackers, but nothing ever comes of it so you write a guide on how to do so, crack all those password hashes you stole, steal a fuckload of virtual money, get a fuckload of accounts banned, then get and tell the site a few years later that they have XSS vulns coming out the ass.

----------------------------------------------------------
Don't forget our IRC: irc://irc.irchighway.net/#slackers
[kuza55.blogspot.com]

Options: ReplyQuote
Re: What do you get for writing an XSS worm?
Posted by: Kyo
Date: May 05, 2008 02:26AM

Does that mean I'm not cool anymore if I just used it for a harmless prank and helped the admin fix everything afterwards?

Options: ReplyQuote
Re: What do you get for writing an XSS worm?
Posted by: Om
Date: May 06, 2008 09:56AM

Quote

Does that mean I'm not cool anymore if I just used it for a harmless prank and helped the admin fix everything afterwards?
The question is how many are really going to listen to you and fix it!

If ($they_do)
echo "Cool!";
Else{
screwThem();
echo "Khoool :P";
}


I'd informed my company about the flaws in the internal blog server. I was told that it'll be fixed by the EOD (!!!) :| An year has passed and nothing's fixed.
A few days ago, I'd to advertise a conf. I posted it on the same blog server and boosted my ranks. It was, in a way fun to reach top 4 with just one post. Later, they mailed me and threatened me. I knew that they can't do anything *officially* since they have been at fault. I did my job my informing them, waited for long, and then played a _harmless_ prank. And this felt really nice (or Cool ;) ).

Anyhoo! The whole point is that the Cool factor has to come from within if you *mean* to do good. If you wish to be seen Cool, hack them and advertise it.

---
I'd love to change the world,
but they won't gimme the source code.
Code in my Bug!

Options: ReplyQuote


Sorry, only registered users may post in this forum.