[WEB SECURITY] Did webapp developers learn from Samy worm?

[Anurag Agarwal <anurag.agarwal@xxxxxxxxx>]

--0-777337108-1186953852=:78448
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable

At the Mozilla Pyjama party during Blackhat, Me and Jeremiah met up with Bu=
bba Gump and he shared with us an interesting story on how he was able to d=
o something similar like Samy worm on another social networking site. His s=
tory just goes to show that there are so many other websites which are stil=
l getting hacked the same way but either have no clue or are in a denial mo=
de. We asked him to share his story with others in the community too and if=
 he can write it for us then I will post it on my blog. =0A=0AYou can read =
it here=0A=0Ahttp://myappsecurity.blogspot.com/2007/08/did-webapp-developer=
s-learnt-from-samy.html=0A=0A =0ACheers,=0A =0AAnurag Agarwal=0A =0ASEEC - =
An application security search engine=0AWeb: www.attacklabs.com , www.myapp=
security.com=0AEmail : anurag.agarwal@yahoo.com=0ABlog : http://myappsecuri=
ty.blogspot.com
--0-777337108-1186953852=:78448
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: quoted-printable

<html><head><style type=3D"text/css"><!-- DIV {margin:0px;} --></style></he=
ad><body><div style=3D"font-family:arial, helvetica, sans-serif;font-size:1=
0pt"><DIV></DIV>=0A<DIV>At the Mozilla Pyjama party during Blackhat, Me and=
 Jeremiah met up with Bubba Gump and he shared with us an interesting story=
 on how he was able to do something similar like Samy worm on another socia=
l networking site. His story just goes to show that there are so many other=
 websites which are still getting hacked the same way but either have no cl=
ue or are in a denial mode. We asked him to share his story with others in =
the community too and if he can write it for us then I will post it on my b=
log. </DIV>=0A<DIV>&nbsp;</DIV>=0A<DIV>You can read it here</DIV>=0A<DIV>&n=
bsp;</DIV>=0A<DIV><A href=3D"http://myappsecurity.blogspot.com/2007/08/did-=
webapp-developers-learnt-from-samy.html">http://myappsecurity.blogspot.com/=
2007/08/did-webapp-developers-learnt-from-samy.html</A></DIV>=0A<DIV><BR>&n=
bsp;</DIV>=0A<P>Cheers,</P>=0A<P>&nbsp;</P>=0A<P>Anurag Agarwal</P>=0A<P>&n=
bsp;</P>=0A<P><A href=3D"http://www.myappsecurity.com/"; target=3D_blank rel=
=3Dnofollow>SEEC - An application security search engine</A></P>=0A<P>Web:&=
nbsp;<A href=3D"http://www.attacklabs.com/"; target=3D_blank rel=3Dnofollow>=
www.attacklabs.com</A>&nbsp;, <A href=3D"http://www.myappsecurity.com/"; tar=
get=3D_blank rel=3Dnofollow>www.myappsecurity.com</A></P>=0A<P>Email : <A h=
ref=3D"mailto:anurag.agarwal@yahoo.com"; target=3D_blank rel=3Dnofollow>anur=
ag.agarwal@yahoo.com</A></P>=0A<P>Blog : <A href=3D"http://myappsecurity.bl=
ogspot.com/" target=3D_blank rel=3Dnofollow>http://myappsecurity.blogspot.c=
om</A></P>=0A<P>&nbsp;</P>=0A<DIV></DIV></div></body></html>
--0-777337108-1186953852=:78448--