] Secret Vulns: Places of confusion
hello list
Sometimes ago I have examined the websites of many
Government's if it's possible to put malicious code
in their URLs. In November 2004 I inform some
Deparments about my successful work.
On most Sites it is possible to:
- inject SQL
Very well said. And kindly too.
Talk or shut up is faster, somehow not as kind.
Michael Rutledge wrote:
Correct me if I'm wrong (which I know the list members will take me up
on that), the FD mailing list is about *discussing* vulnerabilities
and revealing important information to the community.
Credits:
d.w., ms, [...]
and billy bilano perhaps?
--
robert hogan
dublin
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Ooh! A boast thread, goody!
There are many vulnerabilities in many .gov websites, i think the fact
that you might get arrested and/or labelled a terrorist deters
most people.
--
zxy_rbt2
___
Full-Disclosure - We believe in it.
Charter:
hello list
Sometimes ago I have examined the websites of many
Government's if it's possible to put malicious code
in their URLs. In November 2004 I inform some
Deparments about my successful work.
On most Sites it is possible to:
- inject SQL
- account hijacking
- user exploitation
- server
Correct me if I'm wrong (which I know the list members will take me up
on that), the FD mailing list is about *discussing* vulnerabilities
and revealing important information to the community. This post seems
to comment on general problems with general products--so general in
fact that the