Comments on: Pentagon Web Site Vulnerabilities Identified http://praetorianprefect.com/archives/2009/12/pentagon-web-pwned/ Information security, a little slower...a little deeper Tue, 07 Feb 2012 08:17:21 -0500 http://wordpress.org/?v=2.9.2 hourly 1 By: ip intel http://praetorianprefect.com/archives/2009/12/pentagon-web-pwned/comment-page-1/#comment-164297 ip intel Tue, 24 Jan 2012 18:29:41 +0000 http://praetorianprefect.com/?p=2047#comment-164297 <p>http://ipduh.com/url/decode/?http://pentagon.afis.osd.mil/tours?action=viewLargePhoto&title=1%3E%22%3E%3CScRiPt%20%0A%0D%3Ealert%28document.cookie%29%3B%3C/ScRiPt%3E</p> http://ipduh.com/url/decode/?http://pentagon.afis.osd.mil/tours?action=viewLargePhoto&title=1%3E%22%3E%3CScRiPt%20%3Ealert%28document.cookie%29%3B%3C/ScRiPt%3E

]]> By: XSS Flaw on Paypal.com | Portable Digital Video Recorder http://praetorianprefect.com/archives/2009/12/pentagon-web-pwned/comment-page-1/#comment-8384 XSS Flaw on Paypal.com | Portable Digital Video Recorder Sat, 27 Mar 2010 07:36:02 +0000 http://praetorianprefect.com/?p=2047#comment-8384 <p>[...] Pentagon Web Site Vulnerabilities Identified [...]</p> [...] Pentagon Web Site Vulnerabilities Identified [...]

]]> By: Week 50 in Review – 2009 | Infosec Events http://praetorianprefect.com/archives/2009/12/pentagon-web-pwned/comment-page-1/#comment-5040 Week 50 in Review – 2009 | Infosec Events Sat, 02 Jan 2010 07:24:59 +0000 http://praetorianprefect.com/?p=2047#comment-5040 <p>[...] Pentagon Web Site Vulnerabilities Identified – praetorianprefect.com A Romanian hacker has discovered security vulnerabilities on a tour images section of the official web site of the Pentagon. [...]</p> [...] Pentagon Web Site Vulnerabilities Identified – praetorianprefect.com A Romanian hacker has discovered security vulnerabilities on a tour images section of the official web site of the Pentagon. [...]

]]> By: MaXe http://praetorianprefect.com/archives/2009/12/pentagon-web-pwned/comment-page-1/#comment-4068 MaXe Wed, 09 Dec 2009 15:58:34 +0000 http://praetorianprefect.com/?p=2047#comment-4068 <p>There's more XSS vulnerabilities on the DoD domain.. (They're already been notified)</p> There’s more XSS vulnerabilities on the DoD domain.. (They’re already been notified)

]]> By: Website design and developer – Hacker proof XSS attacks on Pentagon’s public Website http://praetorianprefect.com/archives/2009/12/pentagon-web-pwned/comment-page-1/#comment-4022 Website design and developer – Hacker proof XSS attacks on Pentagon’s public Website Wed, 09 Dec 2009 02:24:33 +0000 http://praetorianprefect.com/?p=2047#comment-4022 <p>[...] to an external JavaScript, I can do most anything I can do in JavaScript,” says Kennedy, who blogged about the find yesterday. “That includes basic stuff, like crafting a URL to send to users [...]</p> [...] to an external JavaScript, I can do most anything I can do in JavaScript,” says Kennedy, who blogged about the find yesterday. “That includes basic stuff, like crafting a URL to send to users [...]

]]> By: Praetorian Prefect | Six Bulletins in Last Patch Tuesday of 2009 http://praetorianprefect.com/archives/2009/12/pentagon-web-pwned/comment-page-1/#comment-3997 Praetorian Prefect | Six Bulletins in Last Patch Tuesday of 2009 Tue, 08 Dec 2009 20:36:41 +0000 http://praetorianprefect.com/?p=2047#comment-3997 <p>[...] addressed immediately; even if you are confident about not browsing malicious sites, a known site, such as the Pentagon web site, could be used to automatically execute or redirect you to malicious code using cross-site [...]</p> [...] addressed immediately; even if you are confident about not browsing malicious sites, a known site, such as the Pentagon web site, could be used to automatically execute or redirect you to malicious code using cross-site [...]

]]> By: Prefect http://praetorianprefect.com/archives/2009/12/pentagon-web-pwned/comment-page-1/#comment-3983 Prefect Tue, 08 Dec 2009 17:24:53 +0000 http://praetorianprefect.com/?p=2047#comment-3983 <p>MDA - I could see that. I didn't want to say cracker, because there did not appear to be any malicious intent.</p> <p>Researcher did not appear appropriate either.</p> <p>So I settled on hacker - he who may enjoy the challenge of breaking into other computers but does no harm;</p> MDA – I could see that. I didn’t want to say cracker, because there did not appear to be any malicious intent.

Researcher did not appear appropriate either.

So I settled on hacker – he who may enjoy the challenge of breaking into other computers but does no harm;

]]> By: mda http://praetorianprefect.com/archives/2009/12/pentagon-web-pwned/comment-page-1/#comment-3973 mda Tue, 08 Dec 2009 13:08:07 +0000 http://praetorianprefect.com/?p=2047#comment-3973 <p>"A Romanian hacker" Cand am vazut asta mi-a pierit cheful de citit.Sa fim seriosi. Pa</p> “A Romanian hacker” Cand am vazut asta mi-a pierit cheful de citit.Sa fim seriosi. Pa

]]> By: Pentagon XSS-ed. - Romanian Security Team - SECURITY RESEARCH http://praetorianprefect.com/archives/2009/12/pentagon-web-pwned/comment-page-1/#comment-3969 Pentagon XSS-ed. - Romanian Security Team - SECURITY RESEARCH Tue, 08 Dec 2009 10:43:59 +0000 http://praetorianprefect.com/?p=2047#comment-3969 <p>[...] XSS-ed. Praetorian Prefect | Pentagon Web Site Vulnerabilities Identified __________________ "Social engineering bypasses all technologies, including [...]</p> [...] XSS-ed. Praetorian Prefect | Pentagon Web Site Vulnerabilities Identified __________________ "Social engineering bypasses all technologies, including [...]

]]>