iBLOGthere4iM
Randy Charles Morin blogs for the sake of blogging.
Subscribe (What is this?)
Subscribe
Latest Comments
Email me Send me Feedback
Archive
June 2010
May 2010
April 2010
March 2010
January 2010
December 2009
November 2009
October 2009
September 2009
August 2009
July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
August 2008
July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
July 2004
June 2004
May 2004
April 2004
March 2004
February 2004
January 2004
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003
June 2003
May 2003
April 2003
March 2003
February 2003
January 2003
Blogroll
Chip's Quips RSS
Marjolein Hoekstra RSS
Joseph A Nagy Jr RSS
Oleg Dulin RSS
Scott Kingery RSS
David Rothman RSS
Tom Simpson RSS
Aimee Evans RSS
Jason Schramm RSS
David Walker RSS
Alec Saunders RSS
Tim Dungan RSS
Nathan Weinberg RSS
Steve Michel RSS
Link Blog
History
Articles
Resume
Cafepress
About the Author
Technorati Profile
Copyright 2003-5 Randy Charles Morin
iBLOGthere4iM
<< Previous Main Next >>
Mon, 02 Oct 2006 14:23:16 GMT
How Jason H4x0red my Blog

OK, I figured out how Jason h4x0red my blog. It's actually pretty easy and would work on any blog that supports RSS and MetaWeblogAPI, but there's no reason why this technique couldn't be ported to blogs that support other syndication and publishing technologies. Basically, Jason took advantage of an RSS unchecked buffer problem to post to my blog using MetaWeblogAPI. You can do the same by simply finding out what IP address a subscriber of yours is using and stuffing the buffer overflow code into your own RSS feed. When the subscribers native RSS reader polls your feed, the buffer overflow code causes blog entries to be posted on his blog. I'm not going to give specific samples because I don't want people exploiting this problem, which exist on any desktop with Firefox, IE7 or other native RSS reader. But, what I will do is cause the following code to be posted on several blogs across the blogosphere as proof that the technique works.

This blog h4x0red using Host Overflow Application eXception.

Permalink Comments +del.icio.us +digg Tell-a-Friend Categories:   
Reader Comments RSSRmail
Thu, 22 Mar 2007 23:04:01 GMT
User comment
replica handbags replica designer handbags designer replica handbags replica coach handbags wholesale replica handbags replica handbag replica louis vuitton handbags coach replica handbags replica chanel handbags http://g6f8e8.probook.de/ replica handbags replica designer handbags designer replica handbags replica coach handbags wholesale replica handbags replica handbag replica louis vuitton handbags coach replica handbags replica chanel handbags
Thu, 29 Mar 2007 07:54:21 GMT
User comment
The classic Louis Vuitton replica Bucket Handbag Sparks up!!! The Bucket gets punched up with the enjoyable New Monogram Cerises canvas. Red topstitching and a fine canvas leather lining accent the smiling cherries, creating a chic, cheerful accessory (that just happens to be very useful!). The attached cosmetics pouch which can be used as a little purse goes bright in a coordinating red along with the red topstitching. The trim remains cowhide leather which will turn the dark honey color over time. Comes with Monogram Cerises canvas with natural cowhide leather, Matching red zip-top cosmetics pouch, Leather straps, Polished golden metal hardware, Inside open pocket and zipped pocket, Fine canvas lining canvas lining, Protective brass feet. * Comes with:Red Dust Bag * Care Book * Serial Number * Receipt
Thu, 29 Mar 2007 07:54:54 GMT
User comment
Louis Vitton replica handbag Neo Speedy  delivered to anywhere

<img src="http://www.fashionhause.com/images/large/denimneospeedy_LRG.jpg">

Details are coming soon Actual size: 11.7''x12.7''x5.1''

Please check out our website:
http://www.fashionhause.com   There are many top quality of replica handbags for sell
with perfect weight, feel, and like the originals.or email us : info@fashionhause.com