[olug] Lynx browser

Charles.Bird charles.bird at powerdnn.com
Wed May 13 21:45:15 UTC 2009 

Yes, I do have filesystem access, I'm currently looking through tables in
the database looking to see where the bs was placed.





On Wed, May 13, 2009 at 4:40 PM, Aric Aasgaard <aric at omahax.com> wrote:

> Do you have file system access?
>
> -----Original Message-----
> From: olug-bounces at olug.org [mailto:olug-bounces at olug.org] On Behalf Of
> Charles.Bird
> Sent: Wednesday, May 13, 2009 4:18 PM
> To: Omaha Linux User Group
> Subject: Re: [olug] Lynx browser
>
> I have very little perl experience.
>
> I have seen some nifty perl scripts before though! Like the language
> selection exploit for trixbox, blammo! reverse shell!
>
> The challenge may be in correctly identifying the malicious java script.
>
>
>
> On Wed, May 13, 2009 at 4:10 PM, Carl Lundstedt
> <clundst at unlserve.unl.edu>wrote:
>
> > I'm not familiar with the way js works, so maybe this is bogus, but have
> > you thought of using perl with the HTML libs?  I've done some limited
> > things with that (polling NOAA for temp/humidity logs and page scrapes
> > for nagios alerts for example).
> > Carl
> > On Wed, 2009-05-13 at 16:03 -0500, Charles.Bird wrote:
> > > I am trying to find a way to detect malicious js on webpages from a set
> > of
> > > URLs. Most of the time when BS-JS is on a webpage its a result of sql
> > > injection.
> > > I'm not really sure how to find bullsh*t js in an automated fashion
> quite
> > > yet, and I noticed that Lynx doesnt do js too well either :)
> > > I love automating tasks with Lynx, I once made an automated online
> voting
> > > system with Lynx and had it change user agent, use a proxy from a list,
> > etc
> > > etc.
> > >
> > > Anyone around here done anything similar? I have about 60000-85000
> > domains
> > > to hit on the one environment that I'm looking at.
> > >
> > >
> > >
> > > Charles
> > > _______________________________________________
> > > OLUG mailing list
> > > OLUG at olug.org
> > > https://lists.olug.org/mailman/listinfo/olug
> >
> > _______________________________________________
> > OLUG mailing list
> > OLUG at olug.org
> > https://lists.olug.org/mailman/listinfo/olug
> >
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug
>
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug
>

More information about the OLUG mailing list