How robots and spiders are causing issues, how to stop them. We can also talk about Completely Automated Public Turing Test To Tell Computers And Humans Apart - their use, their compliance issues, porn proxies, PWNtcha and other ways to defeat them.
Hi there, it's been a while since I've posted something here.
I already apologize for my bad English ;p
But as I'm continuing one of my projects I'm asking for some info and help.
I'm currently working on a worm for a very big community site. Not to harm but to learn. Anyway, I managed to find 2 bugs: 1 was rather useless and the second one is
useful but quite hard to exploit, though I managed to exploit it anyway ;p.
The problem with that bug is that it exists on a cached site, I believe! Anyway, every 4 ~ 10 min I have to send out a request with the payload; this is because somehow the site is lost after that period of time.
Anyway, I made some fancy PHP script which does that for me with curl and cronjobs.
Also, I had to update the link every time I got a new link from the request.
I already knew that it isn't very handy, because if it spreads exponentially eventually it will crash the script due to overload. So I thought out something else. The site is somewhat stupid, as you can send an email to yourself if you lost your password to recover it, so I'm aiming at that weakness in their site.
It's easy to change the mail with the XSS bug.
The only thing that I now have to do is automatically log in to an email account like Hotmail or Gmail with curl or so. I already managed to log in to Gmail but I couldn't read out emails; that is the problem. So does anyone have some code or some explanation or anything else which can help me further on reading out the emails from Gmail or Hotmail or whatever?
Anyway, if this project is done I will show you my code. It's quite a lot and I'm sure it can be improved a lot as well. But this is actually my first attempt at a
"bot-alike code" with PHP/JavaScript and XSS holes.
I might try to create a multiple-site XSS worm which will search for weaknesses in other sites. I was thinking of using xssed's XSS database to search for common bugs in sites to spread itself among other sites as well, though it might be tricky to create such a self-coding worm. But this way you could create a worm which would track down a certain user and gather info about him.
Anyway, this sounds very interesting to me because I don't think it has been done before, and if u ask me the potential for such an attack is there, as there are already XSS scanners etc. which can be implemented into a worm to track down new holes to spread itself to.
Okay, thanks, though it isn't really what I'm looking for I guess. Still, I'm going to toy with this! Anyway, the problem is I need to read out the email.
What I'm trying to do is send a private message to person x from a friend, with a link in it. He clicks on it; after that his email gets changed to my email; after that the script will notify my PHP script that the mail has changed and an email has been sent to change the victim's password. The script will read out the mail and extract the link in that mail to change the password; after that it will change the password and reset the user's account to its original form but with the changed password. Then the cycle will go on: grab the person's friend list, mail all of them and so on, though I might need more email addresses in order to make it work smoothly, as you can't use 1 email address for different accounts, so it has to be changed in order to use it to hijack another account.
Anyway, the only problem is getting the content of the mail in Gmail. I will probably be able to fix it, but any help that makes it a bit easier would be nice.
Right, but most sites don't allow the same email address to be used for 2 accounts ;)
That is why I gave u this tip, as I have used it in the past to do such a thing.
I'm sure u have been doing some googling, but came up with these:
http://www.phpclasses.org/blog/package/2/post/1-Process-incoming-email-messages-using-PHP.html
http://www.weberdev.com/get_example-501.html
Also, if you find a cheap site u can curl to, you can have Gmail forward all your mail.
Sometimes you really have to be creative to make something work, but imo those
are the ones which will provide the most fun because you learn a lot from it.
@SpoofGhost: The combination of Mailinator and Dapper is nice - pump the mails into the Mailinator account, scrape the data with Dapper and convert it into an RSS feed. Afterwards subscribe to that feed with Google Reader and you even have it backed up + API access :)
Hey, thanks .mario and backbone, going to look into that. A POP3 might also be possible to pull this off. Haven't had any time to work further on the project though.
.mario Wrote:
-------------------------------------------------------
> @SpoofGhost: The combination of Mailinator and
> Dapper is nice - pump the mails into the
> Mailinator account, scrape the data with Dapper
> and convert it into an RSS feed. Afterwards
> subscribe to that feed with Google Reader and you
> even have it backed up + API access :)
Kinda took ur thought and did this:
http://pappy.pastebin.com/fefe81cc
It can be edited further; you could even make it so each username has its own Mailinator email, and then pump that into a GET variable to run through the script.
I didn't know if you needed to extract the password or an activation link. If you need help with it let me know.
If you run the code it works and should extract 2 passwords.
Feel free to bash my code, I know I suck.
-------------edit
Here is a curl version:
http://pappy.pastebin.com/f65fa0bc0
curl version: Page loaded in 0.235 seconds.
file_get_contents version: Page loaded in 0.132 seconds.
Your choice, just giving you an option.
http://www.xssed.com/archive/author=PaPPy/
Edited 1 time(s). Last edit at 08/16/2009 04:37PM by PaPPy.
Haven't been around for some time; I had a busy time with school,
anyway...
I'm continuing this project, though my host has some problems concerning curl so I can't really use it. Does anyone know some free hosting where this is enabled?
Oh, I do have a bit of a problem... maybe you guys know a solution.
The thing I'm having problems with is an option from curl,
followlocation; it gives an error. Anyway, I need to turn off safe mode
and also open_basedir; though safe mode is off, open_basedir is still a problem.
I can't turn this off as I'm using a "free host", so I need a solution for this.
I already had some sort of solution but I'm not sure if this is working.
Anyway, if someone knows a good free host which supports curl and has things set up
so I can use this function, or a good workaround, which I prefer, as the current host is quite nice, as it supports almost everything I could need and need.
Googling brings up a lot of subjects on the issues:
http://secunia.com/advisories/13023/
Seems that option may be disabled in curl altogether? Or maybe it's really old and I don't know what I'm talking about.
I need to log in and inject the XSS in one of their pages, but the problem is that the page only exists for 10 min or so, thus I need to do it over and over again; that's why I need curl in the first place. It's almost a bot... as it has some more functions it can perform...
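
The chain discussed in this thread depends on a site that lets a logged-in session change the account email and then mails a password-reset link to the new address. A defensive sketch of an email-change flow that closes that gap, as an added example that is not part of the thread or any site's code; the class, the function names and the two timing constants are assumptions:

```python
import hashlib
import hmac
import secrets

CONFIRM_TTL = 3600        # assumed: lifetime of the confirmation token (seconds)
RESET_HOLD = 24 * 3600    # assumed: no reset mail this soon after an email change


class Account:
    def __init__(self, email, password):
        self.email = email
        self.salt = secrets.token_bytes(16)
        self.pw_hash = self._hash(password)
        self.pending = None           # (new_email, token, expires_at)
        self.email_changed_at = None
        self.outbox = []              # (recipient, message) pairs instead of real mail

    def _hash(self, password):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 100_000)

    def check_password(self, password):
        return hmac.compare_digest(self.pw_hash, self._hash(password))


def request_email_change(acct, new_email, current_password, now):
    # A valid session is not enough: script injected into a page rides the
    # session but does not know the account's current password.
    if not acct.check_password(current_password):
        return False
    token = secrets.token_urlsafe(32)
    acct.pending = (new_email, token, now + CONFIRM_TTL)
    # The old address is told about the request; the new one must confirm it.
    acct.outbox.append((acct.email, "An email change was requested for your account"))
    acct.outbox.append((new_email, "confirm:" + token))
    return True


def confirm_email_change(acct, token, now):
    if acct.pending is None:
        return False
    new_email, expected, expires_at = acct.pending
    if now > expires_at or not hmac.compare_digest(expected, token):
        return False
    acct.email, acct.pending, acct.email_changed_at = new_email, None, now
    return True


def request_password_reset(acct, now):
    # Returns the address the reset mail goes to, or None while the hold is active.
    if acct.email_changed_at is not None and now - acct.email_changed_at < RESET_HOLD:
        return None
    return acct.email
```
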