echo 0wned Milworm advisories

Yesterday we (k-159, the_day and me) are doin some Bug Hunting for all Php Content Management System (CMS). Before we are doin this research time, k-159 has introducing us about some new technique/ways to hunting a bug in a short time. During this research day (October 9th) the_day found five advisories in a day, and K-159 found two bug in a day (but publish only one for some purpose).

how about Me?, i found some (three exactly) vulnerable CMS, but the sad thing that the version of CMS are old enough to have a bug (somebody has release the advisories n the vendor already releasing a new version). Till now, im reaching out the script to found a vulnerable one ... poor me

So, from yesterday till now, echo.or.id 0wned milw0rm top five web apps advisories, which is mean the front page... phew. Here is the screenshot, maybe u would find the same for todays,

There you go mate .., lets Dig em :)

5 comments:

y3dips said...: @th3sn0wbr4in : hu uh, maren pada semangat tuh apalagi dedi :P, yups, typically vuln script emang kek gitu, ini cuma cara sorting di cms duank :); 10/11/2006 08:56:00 AM
Matdhule said...: gimana tuh tehniknya supaya cepet dapet mas? /me juga mau diajarin :D; 10/16/2006 01:08:00 PM
y3dips said...: @matdhule: emang belum tau ? :p; 10/16/2006 06:31:00 PM
Anonymous said...: ax[I]xu said..
Bang gmn new technique nya? maklum penasarn..; 10/19/2006 04:32:00 PM
y3dips said...: coba baca-baca ini : http://blog.wired.com/27bstroke6/2006/10/fun_with_google.html, http://www.schneier.com/blog/archives/2006/10/googles_code_se.html; 10/20/2006 10:08:00 AM