Re: [Ciotoflow] umorismo da metasploit

このメッセージを削除

このメッセージに返信
著者: Agostino Sarubbo
日付:  
To: Flussi di ciotia.
題目: Re: [Ciotoflow] umorismo da metasploit
On Friday 01 April 2011 12:08:16 ono-sendai wrote:
> On 01/04/2011 11:35, LordZen wrote:
> > Divertente no??
> >
> > http://www.commonexploits.com/?p=266
>
> Hahahah..penso che la tua sia una grande email per "sverginare" la lista...
> :) . Aspetto che accettino gli inviti gli altri e per questa sera mando
> una mail di riepilogo della scorsa riunione..


The URL: http://www.commonexploits.com/ is vulnerable to cross site request
forgery.

An unidentified vulnerability was found at: "http://www.commonexploits.com/wp-
comments-post.php", using HTTP method POST. The sent post-data was:
"...comment_post_ID=d'kc"z'gj'"**5*(((;-*`)...".

eval() input injection was found at: "http://www.commonexploits.com/", using
HTTP method GET. The sent data was:
"refreshRate=30&sources=sleep(9)%3B&viewMoreUrl=56&viewMoreText=view+more&tweetsNum=6".
The modified parameter was "sources".

e tante altre ancora...
Predicano bene ma razzolano male eh :D

cheers
--
Agostino Sarubbo ( ago )
Mail: ago@???
Irc: irc.freenode.net ago
Gpg: 0x7CD2DC5D
Arch Tester for Gentoo Linux amd64 http://is.gd/hcQem
Admin for HacklabCS c/o HPCC at Unical


This mail has been sent with kmail on gentoo.