Idiot Wind??
  • Idiot Wind??

    Their minds are filled with big ideas, images and distorted facts - Bob Dylan

    Quite frankly I would have to agree with this person’s assessment of themselves. The rest of DEFCON seems pretty cool so far.

    Juvenile behavior was anticipated, which is why contest rules need to be read carefully. Some other DEFCON devotees might just want to ping and pound 65.124.72.202.
    DIVA

    USER INFO
    SOURCE INFO
    Address: 65.124.72.202
    Platform: WinNT
    Browser: Firefox22.0
    Version: 22.0
    String: Firefox
    Referrer:
    REQUEST TYPE:
    GET
    REQUEST URL:
    /Default.aspx?msg=%3Cscript%3Ealert(%22We%20are%20fucking%20idiots%22);%3C/script%3E
    REQUEST QUERY STRING:
    msg=%3cscript%3ealert(%22We+are+fucking+idiots%22)%3b%3c%2fscript%3e
    EXCEPTION STRING:
    System.Web.HttpRequestValidationException: A potentially dangerous Request.QueryString value was detected from the client (msg="

    IP Details for 65.124.72.202
    General IP Information
    IP: 65.124.72.202
    Decimal: 1098664138
    Hostname: 65.124.72.202
    ISP: CenturyLink
    Organization: CenturyLink
    Services: None detected
    Type: Broadband

    Assignment: Static IP

    Blacklist:

    Geolocation Information
    Country: United States
    State/Region: Louisiana
    City: Baton Rouge
    Latitude: 30.4507 (30° 27′ 2.52″ N)
    Longitude: -91.1546 (91° 9′ 16.56″ W)
    Area Code: 225

    Another pretender - referencing something that actually caught them and didn't allow network access.

    And of course, it has absolutely nothing to do with the contest challenge.

  • #2
    Re: Idiot Wind??

    Originally posted by DIVA (the post above, quoted in full)

    Actually, this works fine > http://demonstrator.wnlabs.com/Inclu.../14E5YtX%22%3E

    Google blocks the XSS, but Firefox doesn't. Go ahead, give it a whirl. Was just looking at your product when I noticed the error in your error page.
    The default creds listed here didn't work on your demonstration box >
    http://www.wnlabs.com/Presentations/..._functions.pdf


    Either way you look at it... at least it wasn't a malicious attacker siphoning off your 'impenetrable' key servers' admin creds.

    [UPDATE 1]
    They took the demo box offline. I will write up a CVE for it and post it soon. Still have the screen shots and method, which will be sourced. I am sure not too many of these systems are floating around.
    Last edited by blakdayz; August 28, 2013, 16:43.
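The log in DIVA's post shows ASP.NET request validation throwing HttpRequestValidationException on the `msg` parameter, and blakdayz's reply says the error page that results still reflects the input. The Python below is an added example, not code from this thread, from wnlabs, or from ASP.NET: it re-implements the documented request-validation heuristic, runs it over the request URL from the log, and contrasts a hypothetical custom error page that writes the exception message into the HTML raw with one that HTML-encodes it. The `ASPNET_MESSAGE` template and both `error_page_*` functions are assumptions modelled on the EXCEPTION STRING line in the log, not the demonstrator's actual error page.

```python
import html
from urllib.parse import urlsplit, unquote_plus

# Request URL exactly as captured in the log in DIVA's post.
LOGGED_REQUEST_URL = (
    "/Default.aspx?msg=%3Cscript%3Ealert(%22We%20are%20fucking%20idiots%22);"
    "%3C/script%3E"
)

# Message shape taken from the EXCEPTION STRING line in the log; the exact
# template is an assumption for this example, not ASP.NET's own format string.
ASPNET_MESSAGE = ('A potentially dangerous Request.QueryString value was '
                  'detected from the client ({name}="{value}").')


def is_dangerous_string(value: str) -> bool:
    """Our re-implementation of the heuristic ASP.NET request validation applies
    (System.Web's CrossSiteScriptingValidation): a value is flagged when it
    contains '<' followed by an ASCII letter, '!', '/' or '?', or the sequence
    '&#'. Anything else, including a bare '<', passes."""
    for i, c in enumerate(value):
        if c == '<':
            nxt = value[i + 1] if i + 1 < len(value) else ''
            if (nxt.isascii() and nxt.isalpha()) or nxt in ('!', '/', '?'):
                return True
        elif c == '&' and value.startswith('&#', i):
            return True
    return False


def parse_query(query: str) -> dict:
    """Decode a query string into {name: value}. Splits on '&' only, so a ';'
    inside a value (as in the logged payload) stays part of the value; '+' and
    %XX sequences are decoded by unquote_plus."""
    params = {}
    for pair in query.split('&'):
        if not pair:
            continue
        name, _, value = pair.partition('=')
        params[unquote_plus(name)] = unquote_plus(value)
    return params


def rejected_params(url: str) -> dict:
    """Return {name: decoded_value} for every query parameter request
    validation would reject; an empty dict means the request gets through."""
    query = urlsplit(url).query
    return {n: v for n, v in parse_query(query).items() if is_dangerous_string(v)}


def error_page_unencoded(name: str, value: str) -> str:
    """Hypothetical custom error page that writes the exception message into
    the HTML as-is. The validator stopped the original page, but this error
    page reflects the payload anyway, which is the situation the reply describes."""
    body = ASPNET_MESSAGE.format(name=name, value=value)
    return "<html><body><p>" + body + "</p></body></html>"


def error_page_encoded(name: str, value: str) -> str:
    """The same page with the message HTML-encoded before it is written out, so
    the browser renders the payload as text instead of executing it."""
    body = html.escape(ASPNET_MESSAGE.format(name=name, value=value))
    return "<html><body><p>" + body + "</p></body></html>"


if __name__ == "__main__":
    for name, value in rejected_params(LOGGED_REQUEST_URL).items():
        print(f"request validation rejects {name}={value!r}")
        print("unencoded error page contains <script>:",
              "<script>" in error_page_unencoded(name, value))
        print("encoded error page contains <script>:",
              "<script>" in error_page_encoded(name, value))
```

Request validation is a coarse input filter on the way in; it says nothing about what the error handler writes back out. The reply's observation that one browser blocked the reflection while another did not is browser-side filtering, and neither the validator nor the browser substitutes for encoding the exception text before it reaches the page.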
