Sla.ckers.org
Script obfuscation, filter evasion, IDS/IPS/WAF bypassing... this is where it should live. Because this topic is too big to live anywhere else. Phj33r! 
Re: Hard to maintain collections/posts?
Posted by: id
Date: July 03, 2009 03:10PM

I like Gareth's second one the most, but I'd like to see maybe either a few more entries or a little voting...

-id

Re: Hard to maintain collections/posts?
Posted by: thornmaker
Date: July 03, 2009 10:57PM



http://slithy.org/tra.ckers.svg

[edit:] not trying to backdoor ckers.org. just a joke :)



Edited 2 time(s). Last edit at 07/04/2009 01:27PM by thornmaker.

Re: Hard to maintain collections/posts?
Posted by: Spyware
Date: July 04, 2009 09:18PM

How about creating a banner using just XHTML/CSS?

Re: Hard to maintain collections/posts?
Posted by: sirdarckcat
Date: July 05, 2009 10:50AM

gggr, the logo is not important.. I vote for whatever gareth votes haha..
(recursion & endless loops are forbidden)

Greeetz!!

--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat



Edited 1 time(s). Last edit at 07/05/2009 10:50AM by sirdarckcat.

Re: Hard to maintain collections/posts?
Posted by: thrill
Date: July 05, 2009 12:41PM

for i = sirdarckcat_vote + 1
next i;

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Re: Hard to maintain collections/posts?
Posted by: thornmaker
Date: July 05, 2009 02:21PM

I vote for whichever entry has the most pink

Re: Hard to maintain collections/posts?
Posted by: Gareth Heyes
Date: July 05, 2009 04:41PM

I vote for none of them hehe I DOS'ed sirdarckcat

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Re: Hard to maintain collections/posts?
Posted by: Anonymous User
Date: July 05, 2009 05:50PM

what about this?

EDIT: Damnit - here's the rite one :)





Edited 1 time(s). Last edit at 07/06/2009 03:10AM by .mario.

Re: Hard to maintain collections/posts?
Posted by: sirdarckcat
Date: July 05, 2009 08:40PM

lol abstentionism wins, we won't use a logo!!

anyway, .mario's:
http://cooltext.com/images/missing.gif


is awesome haha

--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat

Re: Hard to maintain collections/posts?
Posted by: holiman
Date: July 06, 2009 02:02PM

Web 2.0 certified:
http://web2.0stylr.com/userimages/150kfvfe3fc5hw55syeaaly37-6-2009-1-57-13-PM.jpg

Got both reflection, a gradient and that crisp, clean feel of two-point-oh

Re: Hard to maintain collections/posts?
Posted by: thornmaker
Date: July 06, 2009 04:54PM

@.mario pink! it's pink! you got my vote!

Re: Hard to maintain collections/posts?
Posted by: Anonymous User
Date: July 06, 2009 05:00PM

@thornmaker I knew I would get you with that one ;)

Re: Hard to maintain collections/posts?
Posted by: thrill
Date: July 06, 2009 06:05PM

I'm sure that deep inside, not only the pink, but the flames has id secretly wishing everyone votes for that one..

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Re: Hard to maintain collections/posts?
Posted by: sirdarckcat
Date: July 06, 2009 08:32PM

oh gareth, are you sure you don't want to vote for .mario's? haha

--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat

Re: Hard to maintain collections/posts?
Posted by: Gareth Heyes
Date: July 07, 2009 03:10AM

You know at some point mario did actually create a logo like this and thought it was good :)

Pink hats :P

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Re: Hard to maintain collections/posts?
Posted by: backbone
Date: July 07, 2009 06:03AM



---
blog [-] microblog

Re: Hard to maintain collections/posts?
Posted by: id
Date: July 07, 2009 12:47PM

Has anyone else audited trac? We're finding some issues just playing around with it.

full path disclosure on error conditions - maybe there is a way to turn it off, but it's not obvious.
full version numbers and host system details - same

I'm going to run acunetix and a couple other scanners on it, if anyone knows of any open security issues with it please post.

-id

Re: Hard to maintain collections/posts?
Posted by: sirdarckcat
Date: July 17, 2009 03:58AM

Soooo doing this HTML parser left me with tons of test cases and a couple of interesting stuff..

Since it's not just obfuscation, I was waiting for tra.ckers but it's so long :(

Gareth also wants to share his experiences with JSReg, so..

What's up!!!!!! =/

I mean, it's ok to be paranoid, but holding for full path disclosure and version numbers is not cool haha..

So, in risk of forgetting what I've found out, I'll upload the testcases to a google code wiki (I love the name haha)

http://code.google.com/p/googlecaja

this weekend I'm going to shanghai and next weekend is blackhat.. so well.. on monday or so I'll upload this.

I was hoping to link to tra.ckers for blackhat.

Greetz!!

--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat



Edited 1 time(s). Last edit at 07/17/2009 03:59AM by sirdarckcat.

Re: Hard to maintain collections/posts?
Posted by: Anonymous User
Date: July 17, 2009 04:43AM

I think XSS is not supercritical - if existing in Trac. Most instances are running with basic auth/digest auth. Impact of info/path disclosure? Hard to judge - not my box :)

I suggest to lock the thing up with a set of rewrite rules and define an individual error page.

Re: Hard to maintain collections/posts?
Posted by: rvdh
Date: July 17, 2009 05:36AM


Re: Hard to maintain collections/posts?
Posted by: rvdh
Date: July 17, 2009 05:36AM


Re: Hard to maintain collections/posts?
Posted by: rvdh
Date: July 17, 2009 05:51AM

Or...



Re: Hard to maintain collections/posts?
Posted by: sirdarckcat
Date: July 20, 2009 02:52AM

which organization is better?

organizing by description
http://code.google.com/p/googlecaja/downloads/list

or by payload?
http://code.google.com/p/googlecaja/issues/list

or depends?

=/

--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat

Re: Hard to maintain collections/posts?
Posted by: Spyware
Date: July 20, 2009 03:13AM

How about organized by configurable variable(s) :)?

Re: Hard to maintain collections/posts?
Posted by: sirdarckcat
Date: July 20, 2009 03:37AM

how? haha..

--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat
