[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] itunes.apple.com owned by webapp malicious host
- To: matador matador <m4t4d00r@xxxxxxxxx>
- Subject: Re: [Full-disclosure] itunes.apple.com owned by webapp malicious host
- From: Benji <me@xxxxxxxxx>
- Date: Fri, 1 Apr 2011 09:17:25 +0100
No they don't. All your link implies is that either a) someone
compromised the itunes account associated with that band and added the
script, or b) it was injected into place.
However at no point is the javascript executed.
Sigh, do you have a CSSIP aswell?
On 4/1/11, matador matador <m4t4d00r@xxxxxxxxx> wrote:
> Seems that Websense agree with me...
>
> http://community.websense.com/blogs/securitylabs/archive/2011/03/29/lizamoon-mass-injection-28000-urls-including-itunes.aspx
>
> ... or better they copy and paste my trivial link ... LOL! :)))
>
> 2011/3/29 Cal Leeming <cal@xxxxxxxxxxxxxxxx>
>
>> Unconfirmed, seems to escape fine for me.
>>
>> On Tue, Mar 29, 2011 at 3:22 PM, matador matador
>> <m4t4d00r@xxxxxxxxx>wrote:
>>
>>> Enjoy! :)
>>>
>>> http://www.google.com/search?q=lizamoon.com+site%3Aapple.com
>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/