Hehe - first milestone accomplished.

What it means is:
- installed Linux Ubuntu 7.10 Gutsy Gibson
- configured and build iphone-dev’s toolchain
- build the “Hello iPhone World!” application
- didn’t use Apple iPhone SDK nor any Java-like framework

My first iPhone native application

More on some details later

… sau cum sa-i f*ti pumni webmasterului de sa-i spargi toate bannerele din gura

o stare de frustrare pentru ca nu poti citi ca un om normal un site, un ziar, un “ceva” pe plaiul mioritic al internetului romanesc. de fapt ce ma enerveaza cel mai mult este faptul ca aceste flash-bannere zgomotoase se intind ca o raie incurabila pe tot ecranul. as prefera sa fie pop-upuri, ca tot deja am atat eu cat si browserul imunitate la ele…

Iritatii de la bannere

mai degraba imi vine sa-i zic webmasterului si designerului:

“fraiere, am iritatii de la bannerele tale mai mult decat de la tot barbieritul vietii mele insumat la un loc!”

just my 2cents

I use to watch Badea’s show “In gura presei” kindly provided as a recorded streaming on antena1.ro

While listening to the stream, I could not resist checking the site design, functionality and of course it’s security.

And voila - it seems that streaming archive section of antena1.ro is XSS-reflection vulnerable.

antena1.ro XSS hack

Code for PoC XSS reflection:

Code:

DISCLAIMER: this post is intended purely for security research and educative purposes as well as intended to urge the vendor to fix the problems posing threats to its customers. Any use of this information is sole responsibility of the reader and the author is not to be held liable for any miss-use of the above informative technical details.