Wanna FUCK some surfers'..............................
 

..........browsers??

Here you go

1html>
1form>
1input type crash>
1/form>
1/html>

replace the 1


nice one microsoft LOL
:thumbsup

no.

'sup dude?

well
create a html with those 5 lines of code and you'll see :D

already posted

didnt see that thread
well
forget about it then ;)
i just thought it was funny and ofcourse not posted already

It crashes your browser. whoopee.

Yesterday
all my trouble seemed so far away
Now it looks as though they`re here to stay
Oh I believe in yesterday

Suddenly
I`m not half the man I used to be
there`s a shaddow hanging over me
Oh yesterday came suddenly

Why she had to go I don`t know
she wouldn`t say
I sad something wrong
Now I long for yesterday

Yesterday
Love was such an easy game to play
Now I need a place to hide away
Oh I believe in yesterday

Why she had to go.......

Yesterday
Love was such an easy game to play
Now I need a place to hide away
Oh, I believe in yesterday
Mm mm mm mm mm mm mm............

I can't think of one reason why anyone in there right mind would want to use this!

Not one!!

That is kids stuff: THIS it what I recived to my camsite yesterday.


------------------

BACKGROUNDER:

Vendor web site states that WebcamXP is a "powerful webcam utility with an
integrated http server so you don't need to install a web server on your
computer. Works under all windows os and the server port can be changed."

INTRODUCTION:

We have discovered various code injection vulnerabilities in the chat
feature
of WebcamXP.

ADVISORY URL:

This advisory is available in its original format at the following URL:
http://www.frame4.com/content/adviso...A-2003-002.txt

VENDOR CONTACT:

We have emailed the creator of the program, "wet", on [email protected] with
the
specifics of this vulnerability on the release date of this advisory.

VULNERABILITY DESCRIPTION:

Please refer to the 'Technical Description' section below, for full
description
of the problem(s).

VULNERABLE APPLICATION(S)/PACKAGE(S)/VERSION(S):

We have tested these vulnerabilities between two versions; v1.02.432 and
the
latest build, v1.02.535. Whereas the chatbox feature on the application
side
seems to be pretty immune to code injection (MOST code gets stripped), the
web
page portion is far from being safe.

Although the tests have been carried out between two builds of the
program, it
is highly possible that other versions behave the same way. The tests were
only
carried out using Microsoft Internet Explorer.

SOLUTION/VENDOR INFORMATION/WORKAROUND:

None as yet. Although recently the server portion of the chat feature has
been
upgraded (where certain tags get filtered), the problems still seem to
exist.

TECHNICAL DESCRIPTION - EXPLOIT/CONCEPT CODE:

The below examples are merely a small portion of what could be possible
and in
no way constitute an exhaustive list of potential vulnerabilities.

[001] Code Injection 1

We have ascertained that typing <hahahahahahahahaalert(documenthahahahahahahaha) ;</hahahahahahahaha
in the
message field on the web page generates a message box whereas this should
be
ignored. You can see an actual screen shot of this at the following URL:
http://www.frame4.com/content/adviso...003-002-01.jpg

[002] Code Injection 2

Following on from the previous example, we have also noticed that in a
similar
manner, an hahahahahaha can be generated by simply typing the
following 'command' in
the message field: . You can find
the
relevant screen shots of this 'feature' at the following URLs:
http://www.frame4.com/content/adviso...003-002-01.jpg
http://www.frame4.com/content/adviso...003-002-02.jpg
http://www.frame4.com/content/adviso...003-002-03.jpg

[003] Code Injection 3

This is the "showstopper". We have discovered that the hahahahahaha can
be "pushed"
onto the chat initiator in the same fashion. In this case, a webcam
operator
for example, can inject a script "out" to the user via the internal chat
box.
A screen shot of this problem can be seen here:
http://www.frame4.com/content/adviso...003-002-04.jpg

[004] "Malformed Code" Injection

Whereas the command creates a
perfect
hahahahahaha (see above), if we issue (by accident) the same command in
the "wrong"
manner, i.e.:

<hahahahahahahahaalert(documenthahahahahahahaha) ;</hahahahahahahaha src=http://frame4.com

the page goes into some kind of 'loop'. The message box gets generated and
then
we DO get an hahahahahaha (and rightly, you get an 404 as the content) but the
scroll
bars disappear and the page just stops responding.

Closing the browser and re-opening at the chat URL has absolutely no
effect, as
the above loop gets repeated and the situation does not change until the
other
party resets or refreshes their page. A screen shot of this problem can be
seen
here: http://www.frame4.com/content/adviso...003-002-05.jpg

CREDITS:

The vulnerabilities outlined in this advisory and accompanying sample code
have
been discovered by a joint operation between Morning Wood and Anthony
Aykut. We
have NOT circulated any of our findings through the underground community,
and,
present them here as a PUBLIC DISCLOSURE.

Morning Wood
[email protected]
Morning Wood, Inc
http://take.candyfrom.us/

Anthony Aykut
[email protected]
Frame4 Security Systems
http://www.frame4.com

REFERENCES:

None.

ABOUT:

Frame4 Security Systems is a new security partner, empowering clients with
the
necessary knowledge and products to protect and secure their computer
systems.

Headquartered in The Netherlands, Frame4 can be reached at +31(0)172-
515901 or
on the Web at .http://www.frame4.com/.

DISCLAIMER:

This advisory is a Frame4 Security Systems ("Frame4") publication, all
rights
reserved (c) 2003. You may (re-)distribute the text as long as the content
is
not changed in any way and with this header text intact. If you want to
serve
this paper on your web site/FTP/Newsgroup/etc., we encourage you to do so,
as
long as no changes are made without the prior permission of the author(s),
no
fees are charged and proper credit is given.

IMPORTANT -- THIS DOCUMENT IS FOR INFORMATIONAL PURPOSES ONLY. To the
maximum
extent permitted by applicable law, in no event shall Frame4 Security
Systems
be liable for any damages whatsoever, (including, without limitation,
damages
for loss of any business profits, business interruption, loss of any
business
information, or other pecuniary loss) arising out of the use, or inability
to
use any software, and/or procedures outlined in this document, even if
Frame4
Security Systems has been advised of the possibility of such damage(s).
There
are NO warranties with regard to this information.

When I was young I was taught to throw sticks and stones
Because sticks and stones they could break your bones
The only way to get ahead that made any kind of sense
Was to enrich myself at other people's expense
I could walk over corpses to make myself a name
I would cheat and I could lie without showing no shame
People tried to stop me but they didn't understand
I wasn't looking for affection or a helping hand

Why doesn't anybody listen
Why doesn't anybody hear
Why doesn't anybody see me
Why don't you interfere
Don't ask me why

I never told the truth cos I believe all my lies
I believed that if I made my own alibis
I would find a good reason and a better excuse
So I could justify my hate and my self abuse
I would satisfy myself in any way I could
Because I knew that I would always be misunderstood
I did a lot of mean things that are hard to forgive
But all I ever wanted was a life to live



Looking back at my life there's a lot I regret
I made a lot of mistakes that I can never forget
But I didn't know better I was insecure
I guess I never took care of my problems before
I feel bad about the people that I pushed around
I feel bad about the people that I let down
I put the blame on myself I can't look the other way
Living with my guilt is the price I have to pay

Clawfinger (Use Your Brain - 1995)

When you're weary, feeling small
When tears are in your eyes, I will dry them all
I'm on your side, when times get rough
and friends just can't be found
Like a bridge over troubled water, I will lay me down
Like a bridge over troubled water, I will lay me down

When you're down and out, When you're on the street
When evening falls so hard, I will comfort you
I'll take your part, when darkness comes
and pain is all around,
Like a bridge over troubled water, I will lay me down
Like a bridge over troubled water, I will lay me down

Sail on Silver Girl, Sail on by
Your time has come, to shine, all your dreams are on their way
See how they shine , if you need a friend
I'm sailing right behind
Like a bridge over troubled water, I will ease your mind
Like a bridge over troubled water, I will ease your mind

faggot song

It might be useful for redirecting hotlinked traffic.

html>
form>
input type crash>
/form>
/html>

why did u put 1's in front of it if it doesnt do anything on a forum

Actually, it's just ONE line of code that causes the crash.

I'm one of the idiot coders who's actually typed this in (forgot to put the = in)

All you need to do is put "input type blah" in pointy brackets and it crashes IE, Outlook, Front Page, etc. etc. etc.

Reason for not posting pointy brackets is because HTML is on in this forum, I guess...

the code wouldn't have showed up

might prove useful on some other forums :Graucho