[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [WEB SECURITY] SEO Code Injection Paper

From: "Hoffman, Billy" <billy.hoffman@xxxxxx>
Subject: RE: [WEB SECURITY] SEO Code Injection Paper
Date: Thu, 4 Sep 2008 22:29:48 +0000

Because why call it XSS when we can generate media hype by calling it something else? This is Bretarded and gets added to the list (http://www.memestreams.net/users/acidus/blogid10329990/)

Gunter gets bonus points for also writing "whitepapers" about Smishing, Vishing and Phraming too. ;-)

Billy Hoffman
--
Manager, HP Web Security Research Group
HP Software - Application Security Center
Direct:  770-343-7069


-----Original Message-----
From: bugtraq@xxxxxxxxxxxxxxx [mailto:bugtraq@xxxxxxxxxxxxxxx]
Sent: Thursday, September 04, 2008 6:11 PM
To: Martin O'Neal
Cc: Gunter Ollmann; websecurity@xxxxxxxxxxxxx
Subject: Re: [WEB SECURITY] SEO Code Injection Paper

I was thinking

- SEO Side Jacking
- Search Engine rank Forgery
- Search Engine Gerbiling
- Search Engine Rank Command Fixation Attacks

:)


Regards,
- Robert
http://www.cgisecurity.com/
http://www.webappsec.org/

>
>
> > Over the last few months I've been=20
> > repeatedly asked how Search Engine=20
> > Optimization (SEO) code injection=20
> > works
>
> Bah!  What kind of white-paper is this?  Surely you could have come up
> with an elaborate name for the attack, just to differentiate your paper
> properly? =20
>
> What about we call it
> maximum-impunity-overdrive-underlay-carpet-bombing? =20
>
> Or has that already been used? :)
>
> Martin...
>
> ----------------------------------------------------------------------------
> Join us on IRC: irc.freenode.net #webappsec
>
> Have a question? Search The Web Security Mailing List Archives:
> http://www.webappsec.org/lists/websecurity/archive/
>
> Subscribe via RSS:
> http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>
> Join WASC on LinkedIn
> http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>


----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA


----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA

References:
- Re: [WEB SECURITY] SEO Code Injection Paper
  - From: bugtraq

Prev by Date: RE: [WEB SECURITY] SEO Code Injection Paper
Next by Date: Re: [WEB SECURITY] SEO Code Injection Paper
Previous by thread: Re: [WEB SECURITY] SEO Code Injection Paper
Next by thread: Re: [WEB SECURITY] SEO Code Injection Paper
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site