[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [WEB SECURITY] SEO Code Injection Paper

From: "Arian J. Evans" <arian@xxxxxxxxxxxxxx>
Subject: Re: [WEB SECURITY] SEO Code Injection Paper
Date: Thu, 4 Sep 2008 15:48:02 -0700

Be careful with Search Engine Gerbiling.

That got me into A LOT of trouble recently.



Probably over $10k of repairs before all is said and done.

-- 
Arian J. Evans.
Software. Security. Stuff.


On Thu, Sep 4, 2008 at 3:10 PM,  <bugtraq@xxxxxxxxxxxxxxx> wrote:
> I was thinking
>
> - SEO Side Jacking
> - Search Engine rank Forgery
> - Search Engine Gerbiling
> - Search Engine Rank Command Fixation Attacks
>
> :)
>
>
> Regards,
> - Robert
> http://www.cgisecurity.com/
> http://www.webappsec.org/
>
>>
>>
>> > Over the last few months I've been=20
>> > repeatedly asked how Search Engine=20
>> > Optimization (SEO) code injection=20
>> > works
>>
>> Bah!  What kind of white-paper is this?  Surely you could have come up
>> with an elaborate name for the attack, just to differentiate your paper
>> properly? =20
>>
>> What about we call it
>> maximum-impunity-overdrive-underlay-carpet-bombing? =20
>>
>> Or has that already been used? :)
>>
>> Martin...
>>
>> ----------------------------------------------------------------------------
>> Join us on IRC: irc.freenode.net #webappsec
>>
>> Have a question? Search The Web Security Mailing List Archives:
>> http://www.webappsec.org/lists/websecurity/archive/
>>
>> Subscribe via RSS:
>> http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>>
>> Join WASC on LinkedIn
>> http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>>
>
>
> ----------------------------------------------------------------------------
> Join us on IRC: irc.freenode.net #webappsec
>
> Have a question? Search The Web Security Mailing List Archives:
> http://www.webappsec.org/lists/websecurity/archive/
>
> Subscribe via RSS:
> http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>
> Join WASC on LinkedIn
> http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
>

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA

References:
- Re: [WEB SECURITY] SEO Code Injection Paper
  - From: bugtraq

Prev by Date: RE: [WEB SECURITY] SEO Code Injection Paper
Next by Date: [WEB SECURITY] IE8 XSS filter and more
Previous by thread: RE: [WEB SECURITY] SEO Code Injection Paper
Next by thread: RE: [WEB SECURITY] SEO Code Injection Paper
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site