16 March 2011, 12:43
Research history

As already mentioned, it was decided to scan the entire Runet for the presence of such a vulnerability. A proxy server was set up, a parser was written, and a fresh database of .ru domains was obtained. The first version of the script ran for two weeks, going through site after site in a single thread. By the end of the scan, the database held more than 3000 vulnerable sites and took up more than a hundred gigabytes of source code.

The problem with the first scan was that it downloaded all the sources indiscriminately, regardless of whether they returned a 200 or a 500 code, and it also pulled down graphics and JS scripts. In addition, some web servers were configured to return a 200 code even if the file was in fact absent.

The second version of the script was already smarter: it worked in several threads from two server machines and correctly distinguished response codes and the contents of the pages received. We walked the whole Runet in 4 days. The next plan was the .com domain base. It became obvious that with our current resources the crawl would take at least a couple of years (the com zone now has more than 700 million domains, compared to 2 million in ru).
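The filtering the second version needed can be sketched as follows. This is an added example, not the authors' script: it classifies already-fetched responses offline, and the baseline comparison (each host's answer to a path known not to exist), the 0.9 similarity threshold, the skipped content types and all sample data are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from difflib import SequenceMatcher

# Assumed filter list: content the scan never needed (graphics, JS).
SKIP_TYPES = ("image/", "application/javascript", "text/javascript")
SOFT_404_SIMILARITY = 0.9  # assumed threshold


@dataclass
class Response:
    status: int
    content_type: str
    body: bytes


def similarity(a: bytes, b: bytes) -> float:
    """Similarity ratio (0..1) of two bodies compared as text."""
    return SequenceMatcher(None, a.decode("utf-8", "replace"),
                           b.decode("utf-8", "replace")).ratio()


def classify(resp: Response, baseline: Response) -> str:
    """Decide whether a fetched response is worth storing.

    baseline is the same host's answer to a path known not to exist.
    """
    if resp.status != 200:  # 404, 500, ...
        return "skip:status"
    if resp.content_type.lower().startswith(SKIP_TYPES):
        return "skip:type"
    # A host that answers 200 for missing files: compare with its error page.
    if (baseline.status == 200
            and similarity(resp.body, baseline.body) >= SOFT_404_SIMILARITY):
        return "skip:soft-404"
    return "keep"


# Constructed sample data: a host that returns 200 for any missing path.
PAGE = ("<html><head><title>Example shop</title></head><body><h1>Sorry, "
        "the page %s was not found</h1><p>Try the site map or the search "
        "form.</p></body></html>")
SOFT_BASELINE = Response(200, "text/html", (PAGE % "/zz91x-missing").encode())
HONEST_BASELINE = Response(404, "text/html", b"Not Found")

if __name__ == "__main__":
    soft = Response(200, "text/html", (PAGE % "/old/report.txt").encode())
    print(classify(soft, SOFT_BASELINE), classify(soft, HONEST_BASELINE))
```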

An excellent systems programmer, Andrew Saterenko, was brought in; he wrote a fast daemon that managed to cut our time spent by a couple of times. But, unfortunately, by that time the summer had ended and work had piled up. It was decided to shelve the ambitious plans.

Before publishing information about the vulnerability, it was necessary to notify everyone affected. The first letters were sent to the giants (yandex.ru, rambler.ru, mail.ru, opera.com, rbc.ru, 003.ru, bolero.ru, habrahabr.ru; 19 addresses in total); then, last night, letters went out to the remaining 3000+ sites.

Release of this article was held back while waiting for opera.com to close the vulnerability on all its servers.

Added by: w1zard