elegance

[ned <nd () felinemenace org>]

after combining google (pygoogle.sourceforge.net), simple url processing 
and 1/3 of a clue about major problems in web applications (encompassing 
cgi..) and how to find them...:

C:\misc\SF>python STABFACE.py
end at offset 290
FOUND -> http://edsitement.neh.gov/view_lesson_plan.asp?id=400'
FOUND -> http://nces.ed.gov/fastfacts/display.asp?id=400'
FOUND -> http://www.e-gov.com/showPR.asp?id=400'
FOUND -> http://web.ncifcrf.gov/campus/calendar/view-event.asp?id=400'
FOUND -> http://www.gov.ns.ca/news/details.asp?id=400'
FOUND -> http://said.dol.gov/WhatsNew.asp?ID=400'
FOUND -> http://www.miproyecto.gov.ve/masdetalle.asp?ID=400'
FOUND -> http://www.inel.gov/st-needs/need-detail.asp?id=400'
FOUND -> http://www.peoplesnetwork.gov.uk/news/article.asp?id=400'
FOUND -> http://www.presidiotrust.gov/news/press_release.asp?id=400'
FOUND -> http://www.cityofboston.gov/contact/default.asp?ID=400'
FOUND -> http://www.mpriv.sr.gov.yu/ita/info/solo.asp?ID=400'
FOUND -> http://cfc.ky.gov/cbs-snap/child_details.asp?ID=400'
FOUND -> http://www.mec.gov.br/acs/asp/noticias/noticiasId.asp?Id=400'
FOUND -> http://www.stcsm.gov.cn/events/detail.asp?id=400'
FOUND -> http://www.wastewise.wa.gov.au/pages/links2.asp?ID=400'
etc...(about another 100 results)

and people still use overflows in windows worms? these machines are 
usually the ones worth attacking, with the promise of big databases 
usually fulfilled.
any suggestions on fixing this huge problem? can it be fixed?
- nd

-- 
http://felinemenace.org/~nd

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave