| User | Post |
|
3:51 am
March 9, 2010
|
madf0x
| | |
| Active Member | posts 230 | |
|
|
I suggest that as a rule of thumb anyone attempting a stupid XSS against the site should have their privilage to a hidden IP address revoked and posted for all eyes to see. You never know what good it might do you or others plus some might start getting the hint that its not a smart idea. Then leave a small message in the XSS vids description about this.
Failed XSS topics will slow down plus the number of stupid wannabes that are never going to even earnestly try to learn will go down as the scupplesless internet takes advantage of their stupidity.
:)
|
Before you ask a question read this: http://freeworld.thc.org/root/docs/smart-questions.html it will make your life and everyone else's life easier.
|
|
|
8:18 pm
March 9, 2010
|
Patchy
| | Champaign, IL | |
| Admin
| posts 1648 | |
|
|
Unfortunately (or fortunately) I don't keep track of anyone's IP address. Besides those idoits don't know what an IP address is or read the forum!
|
"From the perspective of these infinites, all finites are equal, and I see no reason for fixing our imagination on one rather than on another."n~ Blaise Pascal, Pensées
|
|
|
8:29 pm
March 9, 2010
|
Patchy
| | Champaign, IL | |
| Admin
| posts 1648 | |
|
|
If I had a dollar for every time a person tried the xss attack on the forums after the video… I would be several hundred dollars richer.
|
"From the perspective of these infinites, all finites are equal, and I see no reason for fixing our imagination on one rather than on another."n~ Blaise Pascal, Pensées
|
|
|
7:13 am
March 10, 2010
|
Teddy
| | EU | |
| Elite Member | posts 268 | |
|
|
Whats about an alert box or somethin simular which appears when someone open the xss video and tell that this vuln is patched allready. That would at least stop the persons who looks the video on that page.
|
With great power comes great responsibility. Have a look at this webpage: securityoverride.com
|
|
|
10:20 am
March 10, 2010
|
Patchy
| | Champaign, IL | |
| Admin
| posts 1648 | |
|
|
I think you underestimate just how dumb these people really are! 
|
"From the perspective of these infinites, all finites are equal, and I see no reason for fixing our imagination on one rather than on another."n~ Blaise Pascal, Pensées
|
|
|
5:07 pm
March 10, 2010
|
madf0x
| | |
| Active Member | posts 230 | |
|
|
Hmm…how hard would it be to code it so that you can get their IPs and then distribute them?
|
Before you ask a question read this: http://freeworld.thc.org/root/docs/smart-questions.html it will make your life and everyone else's life easier.
|
|
|
6:02 pm
March 10, 2010
|
Patchy
| | Champaign, IL | |
| Admin
| posts 1648 | |
|
|
It wouldn't be hard at all, but it's not something I want to spent my time doing.
|
"From the perspective of these infinites, all finites are equal, and I see no reason for fixing our imagination on one rather than on another."n~ Blaise Pascal, Pensées
|
|
|
6:09 pm
March 10, 2010
|
madf0x
| | |
| Active Member | posts 230 | |
|
|
|
|
Before you ask a question read this: http://freeworld.thc.org/root/docs/smart-questions.html it will make your life and everyone else's life easier.
|
|
|
5:38 am
March 11, 2010
|
slicer45
| | |
| Elite Member | posts 270 | |
|
|
Teddy said:Whats about an alert box or somethin simular which appears when someone open the xss video and tell that this vuln is patched allready. That would at least stop the persons who looks the video on that page.
Wouldn't that just be redundant?  Were trying to get them to stop doing that test, not make them go wtf when they see it because they'll just think that they did it.
|
Being able to break security doesn't make you a hacker any more than being able to hotwire cars makes you an automotive engineer.
|
|
|
7:10 am
March 11, 2010
|
Teddy
| | EU | |
| Elite Member | posts 268 | |
|
|
slicer45 said:
Teddy said:Whats about an alert box or somethin simular which appears when someone open the xss video and tell that this vuln is patched allready. That would at least stop the persons who looks the video on that page.
Wouldn't that just be redundant? Were trying to get them to stop doing that test, not make them go wtf when they see it because they'll just think that they did it.
When the alert box appear when they try to watch the video on this page (http://infinityexists.com/vide…..episode13/) they will not think they did it because it appears before watching the video and so they have no idea about xss and have no input given.
|
With great power comes great responsibility. Have a look at this webpage: securityoverride.com
|
|
|
3:02 pm
March 11, 2010
|
slicer45
| | |
| Elite Member | posts 270 | |
|
|
Patchy said:I think you underestimate just how dumb these people really are! 
Teddy as Patchy says.
|
Being able to break security doesn't make you a hacker any more than being able to hotwire cars makes you an automotive engineer.
|
|
|
10:51 pm
March 11, 2010
|
madf0x
| | |
| Active Member | posts 230 | |
|
|
Arg, ive just been wanting to get some idiots in trouble. Stopped a spammer in the netherlands who was targetting a rp forum I was on and now I want more blood >.< and sadly I still ahve yet to obtain a new laptop to practice and hunt religiously(bday in 2 months though!!!).
|
Before you ask a question read this: http://freeworld.thc.org/root/docs/smart-questions.html it will make your life and everyone else's life easier.
|
|
Login 
Register 
Search 
Home
Print this Post 
Topic RSS 
