Please find attached
On Fri, Jan 28, 2011 at 9:21 AM, Reinier Battenberg < [email protected]> wrote: > Hi Johanne, > > Could you explain a bit about the approach you took in fixing the exploit, > so we all can learn from it? > > -- > > rgds, > > Reinier Battenberg > > Director > > Mountbatten Ltd. > > +256 758 801 749 > > www.mountbatten.net > > On Friday 28 January 2011 09:17:44 Johanne Banda wrote: > > > Firstly David, Thank you very much for the "Otunnu Exploit" > > > That is why we open sourced the project. To get as much feed back as > > > possible and make the best project possible. > > > > > > The Exploit has been patched. > > > > > > Please continue to test the site and find the holes (if you find them we > > > will patch them) > > > > > > Less than a month to the elections and the input of the Techie community > is > > > sorely needed. > > > > > > Johanne > > > > > > > From: David Gelvin <[email protected]> > > > > Date: 26 January 2011 18:49 > > > > Subject: [LUG] Voting > > > > To: Linux Users Group Uganda <[email protected]> > > > > > > > > > > > > See the attached file for a quick proof of concept. > > > > > > > > If you check out http://www.voteug.com/details and tally by the > national > > > > level, you'll see that Mr. Olara Otunnu is doing well. (Although I > don't > > > > actually even know who he is) > > > > > > > > That's because he is currently getting every vote in the country- It's > > > > amazing what a python script can do. > > > > > > > > *Disclaimer*: > > > > Obviously this is just a very simple demonstration of http form > > > > interaction with python. Any reasonable site purporting to have > > > > accurate results would do things _completely_ differently. > > > > > > > > -- > > > > This message has been scanned for viruses and > > > > dangerous content by *MailScanner* <http://www.mailscanner.info/>, and > is > > > > believed to be clean. > > > > _______________________________________________ > > > > The Uganda Linux User Group: http://linux.or.ug > > > > > > > > Send messages to this mailing list by addressing e-mails to: > > > > [email protected] > > > > Mailing list archives: http://www.mail-archive.com/[email protected]/ > > > > Mailing list settings: http://kym.net/mailman/listinfo/lug > > > > To unsubscribe: http://kym.net/mailman/options/lug > > > > > > > > The Uganda LUG mailing list is generously hosted by INFOCOM: > > > > http://www.infocom.co.ug/ > > > > > > > > The above comments and data are owned by whoever posted them (including > > > > attachments if any). The mailing list host is not responsible for them > in > > > > any way. > > > -- > This message has been scanned for viruses and > dangerous content by *MailScanner* <http://www.mailscanner.info/>, and is > believed to be clean. > > _______________________________________________ > The Uganda Linux User Group: http://linux.or.ug > > Send messages to this mailing list by addressing e-mails to: > [email protected] > Mailing list archives: http://www.mail-archive.com/[email protected]/ > Mailing list settings: http://kym.net/mailman/listinfo/lug > To unsubscribe: http://kym.net/mailman/options/lug > > The Uganda LUG mailing list is generously hosted by INFOCOM: > http://www.infocom.co.ug/ > > The above comments and data are owned by whoever posted them (including > attachments if any). The mailing list host is not responsible for them in > any way. > -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
vote_attack_file.py
Description: Binary data
_______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way.
