El mmg de Hades publico esto antes que yo, un XSS en live mail, estaba almacenado en /stuff hace tiempo ya, es un simple poc, que muestra los contactos. Fue reportado a Microsoft hace casi 1 mes, recibi un correo diciendo que ya habrian creado un reporte interno, donde se encargarian del asunto.
POC: http://beford.org/stuff/live.htm
Y otra cosa interesante que encontre, es algo en la interface movil de google, en la seccion para configurar el idioma, el parametro continue, recibe la ruta donde se encontraba el usuario, para poder retornarlo alli una vez seleccione el idioma. Aparentemente no estan haciendo una concatenacion de 'm.google.com/' + continue sino de 'm.google.com' + continue. Pasandole a continue un valor de '.otrodominio.com' hariamos que todos los enlaces apunten a un sitio externo fuera de google.
POC: http://m.google.com/languages/?dc=gorganic&continue=.beford.org
I've already got the N810, so far I've got to say that it's an awesome device, it's way smaller than I thought it would be. I had to flash the N810 using the lastest firmware in order to install some applications such as Skype. I was a bit scared of doing it because I had some issues last time I flashed my cell phone, a Sony Ericcson W810i, I fuxored it although I was using Sony's Official tool to update it, I was unable to use it for a weeks, the time it took me to do read about flashing with some 3rd party tools.
I've got the scratchbox environment running, I had some issues installing it on Ubuntu Hardy, following some advices from qwerty12 on ITT solved everything and allowed me to get the Maemo SDK running on lastest Ubuntu.
I had to disable vdso by adding vdso=0 to the kernel line on /boot/grub/menu.lst file. The second problem is related to a memory protection that got enabled on lastest kernel, you need to edit /etc/sysctl.conf and change: vm.mmap_min_addr = 65536 to: vm.mmap_min_addr = 4096.
I've already installed the following apps:
- Canola / Mplayer
- FBReader / Evince / Xournal
- MaemoFTP / rdesktop / openssh
- Duke3D / LxDoom / Quake / iNES
- Pidgin / XChat / Skype
I was looking for a torrent client, found transmission for maemo, but it was not working very well, it was pausing itself after a while, so with my sbox installation, compiled libtorrent and rtorrent from debian's repository, and installed on n810 with dpkg, it works like a charm.
El sitio permanecio offline en las ultimas 48 horas debido a fallas que se presentaron en los Data Centers de ThePlanet (nuestro proveedor). Estos problemas no solo afectaron a nuestro servidor, afectaron a mas de 9000 servidores que se encontraban alojados en el mismo Data Center, al parecer una explosión ocurrio en el cuarto de Alimentación, que incluso provoco daños a la estructura del edificio.