- Hacker Uses XSS and Google Street View Data to Determine Physical Location
- CAnCAn te iubim, CA CA tine nu gasim. Superfete.cancan.ro e de rahat
- Deface (?!?) pe Cotidianul.ro
- Virusi in clipuri video [how to]
- Cyber-Bullying – palma parinteasca a noului mileniu
- Christopher “moot” Poole: The case for anonymity online
- Wtf Avira?
- Some old story about tagged.com
- Pwning cam girls for fun
- Tabloshit
- Yahoo! again - XSS in Uncategorized (357 Visits)
- Yahoo! again - bad settings? in Uncategorized (252 Visits)
- Fanii nostri in Uncategorized (183 Visits)
- Frustrant in Uncategorized (146 Visits)
- La multi ani România, la multi ani românilor in Uncategorized (137 Visits)
- Weblog.ro - Shell via Local File Inclusion in Uncategorized (119 Visits)
- Yahoo! epic fail - permanent xss unleashed in Uncategorized (50 Visits)
- ... in Uncategorized (38 Visits)
- XSS Ownage - hi5 vs. Yahoo! + video in Uncategorized (2 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam/Hi5 (4) in Uncategorized (2 Visits)
- Hackersblog.org is now blog.rstcenter.com in (1800 Visits)
- O mica dar importanta precizare in (1402 Visits)
- Twitter in (846 Visits)
- This is the end in (834 Visits)
- Ce servicii de mail folositi? in (826 Visits)
- Un nou membru in (771 Visits)
- La multi ani România, la multi ani românilor in (762 Visits)
- Inca o pierdere de timp in (709 Visits)
- De reţinut in (670 Visits)
- Azi este ziua userilor hackersblog.org in (644 Visits)
- Hi5.com coders read this in (620 Visits)
- SMS scam (1) in (610 Visits)
- Dezinformare sau proasta informare? in (597 Visits)
- Phishing Raiffeisen cu atasament html in (557 Visits)
- Phishing Bancpost in (524 Visits)
- Si tentativele de phishing pot fi amuzante in (456 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam/mail (2) in (2868 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam/Hi5 (4) in (2833 Visits)
- Despre CSRF, hi5.com, cum sa trisezi la concursuri s.a.m.d. in (1206 Visits)
- [Utilitare] Suna gratis de pe internet sau de pe iPhone in (1187 Visits)
- Ce nu se invata la scoala - (D)DOS (5) in (1007 Visits)
- Virusi in clipuri video [how to] in (967 Visits)
- Ce nu se invata la scoala - Tipuri si tehnici spam (1) in (763 Visits)
- Yahoo! redirects - a big issue (with video) in (609 Visits)
- Internet vs. privacy (1) in (503 Visits)
- Ca musca in... in (462 Visits)
- RedTube.com ... The Free Sex Video Community in (13513 Visits)
- usa.kaspersky.com hacked ... full database acces , sql injection in (5411 Visits)
- libertatea.ro vulnerabil la (blind) sql injection in (3080 Visits)
- Telegraph.co.uk hacked, sql injection in (2700 Visits)
- Pwning cam girls for fun in (2693 Visits)
- Facebook hacked - sql injection in (2577 Visits)
- Simpatie.ro, matrimoniale3x.ro, apetisant.ro, deliciu.ro , etc Sql injection in (2552 Visits)
- F-Secure.com - SQL Injection + Cross Site Scripting in (1857 Visits)
- [Hacked]Bitdefender (Portugal) exposes sensitive customer data in (1853 Visits)
- Wtf Avira? in (1801 Visits)
- Christopher "moot" Poole: The case for anonymity online in (1578 Visits)
- Digital Photocopiers Loaded With Secrets in (1491 Visits)
- Hacker Uses XSS and Google Street View Data to Determine Physical Location in (891 Visits)
- Wannabe Hackers [1] - Cum sa hack-uiesti RapidShare-ul in (648 Visits)
- Wannabe Hackers [2] - cum sa faci un virus by sppy_hacker in (631 Visits)
- Hope 2603 – Kevin Mitnick - Life a Computer Hacker – Revealed in (487 Visits)
- PRIVACY IS DEAD - GET OVER IT, Pt 01-34 (Recommended by Hackersblog ) in (419 Visits)
- Oldies but goodies - Freedom Downtime - The Story of Kevin Mitnick in (416 Visits)
- [Video] The History Of Hacking in (395 Visits)
- Email Security - Why You Should Encrypt Your Email - Part One in (388 Visits)
- Deface - tuttoaffari.lastampa.it si citymusiclab.city.corriere.it in (3545 Visits)
- RNS vs. RAI - citizenreport.rai.it hacked. in (3360 Visits)
- Hi5 email finder si sfarsitul a tot ceea ce inseamna privacy in social networking in (3280 Visits)
- Se poate sparge parola de Yahoo? in (2735 Visits)
- Planete-plus-intelligente.lemonde.fr defaced by R.N.S. in (2561 Visits)
- Free SMS time, TrimiteSMS.ro in (2532 Visits)
- Gmail uber hacking in (2474 Visits)
- Cancan.ro spart pentru a doua oara intr-o zi in (2344 Visits)
- Camera de supraveghere a universitatii Alexandru Ioan Cuza din Iasi in (2322 Visits)
- Stiri cu antena3 in (2241 Visits)
Archive for the ‘Videos’ Category
Posted on May 8th, 2009
Samy Kamkar, author of the Samy Worm that took down MySpace, spoke at the OWASP App Sec 2007 conference in San Jose, California (Youtube description & title)
Posted on May 8th, 2009
There will not be many among you that understand how and why Encryption and Decryption works. Thats okay because you dont need to know how it works to be able to use it. You just need the basics in… (YouTube description and title)
Posted on May 8th, 2009
A demonstration of a phishing attack at the OWASP EU Summit 08, Portugal (YouTube description and title)
Posted on May 8th, 2009
Exploiting ClickJacking flaw to remotely connect to the user’s webcam and microphone.
http://guya.net – demonstration
Posted on May 8th, 2009
NEW ZERO-DAY BROWSER EXPLOITS: CLICKJACKING YA, THIS IS BAD, with Jeremiah Grossman and Robert RSnake Hansen.
Read the rest of this entry»
Posted on May 8th, 2009
Part 2.
Posted on May 8th, 2009
Part 3
Posted on March 12th, 2009
A very interesting presentation (video) at Blackhat conference.
Posted on January 25th, 2009
Acest articol este publicat atat in romana cat si in engleza.
Yahoo redirects are and have been continuously used in spam tehniques, for phishing and black SEO. Even though Yahoo is struggling to solve this problem, they are easy to find. When I say ease i mean seconds not minutes or hours
The whole trick is to know how a patched link looks like.
Its not hard at all. All you need is:
Firefox
Link Gopher add-on
A search engine.
How does a link that can be used as for a redirect looks like?
http://us.ard.yahoo.com/SIG=15temu9ra/M=289534.6253107.7244481.6080815/D=classreal/
S=750052198:FOOT/Y=YAHOO/EXP=1232849833/L=BmyXB86.ODX4VzI3SXtvrR9kVmjCm0l7r4kACp1e/
B=NoaQBNj8a.0-/J=1232842633729605/K=pIWiCLQq81S96lmhwDqmiw–
/A=2650127/R=2/SIG=11lp7krrc/*http://docs.yahoo.com/info/copyright/copyright.html
How does a link that can NOT be used as for a redirect to a site outside *.yahoo.com look like?
http://rds.yahoo.com/_ylt=AkWscG8XXla3AoABf80g_WeHHwx.;_ylv=0/
SIG=11idii63e/EXP=1232929280/**http%3A//hk.knowledge.yahoo.com/
How can we tell which link can be used? Notice this part of the link (from the first example):
SIG=11lp7krrc/*http://docs.yahoo.com/info/copyright/copyright.html After /* there follows the unaltered link to a diffrent domain.
The second link is a bit diffrent.
1232929280/**http%3A//hk.knowledge.yahoo.com/
Don’t mind the number of “stars”. This is what tells us that this redirect is useless: http%3A//.
All links from redirect that start with http%3A// cannot be used for sites outside yahoo.com.
I can bet that there wont be more then a week from now (the moment of posting the article) and this bug will be fixed cause we noticed a sudden love from Yahoo staff who is kind enough to pay us visits almost every day 
Versiunea in limba romana: