Welcome to p2pnet.net - The original daily p2p and digital news site. Always First!
REGISTER | LOGIN
Cool Stuff
MPAA News
Games / Consoles
News
Music
Movies
Reviews
Open Source
Mobiles
Advertising
Products
P2P
Off Topic
Freedom
Politics
Interviews
Security
DRM
Links
Kids and Kartels
Scroogle Search: 
Search
 
Web p2pnet   
   Search: 
Search
Torrent Site Tracker
    Sponsored by
Frostwire
 
p2pnet
 


mp3rocket
 
Add real-time p2pnet headlines to YOUR site ! Click here to download our newsfeed code

RIAA site gets punked

p2pnet news view RIAA | P2P:- The pic on the right is what you see when you use http://nemesis.te-home.net/News/20090504_Bugs_in_RIAA_com_Website.html

(Or you did a 1:27 pm Pacific on May 4, anyway.)

And at http://nemesis.te-home.net/

WARNING: This is a proof of concept that proves an XSS on riaa.com website and should be taken as a joke.

Good one ;)

Explains enigmax on TorrentFreak »»»

Just a couple of days ago we reported that the MPAA`s website was vulnerable to an XSS attack, which left it displaying torrents from The Pirate Bay. This time a flaw has been discovered in the RIAA`s site, which now allows it to display TorrentFreak`s latest articles.

A cross-site scripting (XSS) attack is a kind of security vulnerability typically found in web applications which allows code to be injected into web pages. The `cross site` element explains how a malicious website could load another site into a frame, giving the appearance that the data all originates from the target site.

“We`re sure the RIAA and MPAA coders will be laughing heartily as they try to plug these holes,” he adds.

JN

Follow p2pnet on Twitter.

May, 2009

Use free p2pnet newsfeeds for your site. It`s really easy!

Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php

Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.

This entry was posted on Monday, May 4th, 2009 at 5:22 pm and is filed under P2P, RIAA News. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

HOME

Viewed 2740 times

« previous p2pnet World Headlines – May 4, 2009
Phorm Storm: Ertugrul speaks next »

5 Responses to “RIAA site gets punked”

  1. surfer Says:
    May 4th, 2009 at 5:42 pm

    waka waka wakaaaa

  2. Henry Emrich Says:
    May 4th, 2009 at 9:51 pm

    Oh this is rich — absolutely and utterly classic.

    1. I hate the RIAA every bit as much as you guys, but the double-standard here is….wow.
    So somebody managed to “Punk” a corporate lobbying-group, and it’s hysterically funny.
    Yet (as we’ve seen over on the DPI thread) I used the very same XSS attack to highlight real, existing security vulnerabilities, and counteract DA’s well-intentioned scare-mongering in regard to DPI, and all I get is “You need to chill.”

    Where’s the article “de-mystifying” Cross-site scripting attacks?
    Any takers?
    (I’m sure not going to do it, especially after this latest stuff.)

    I mean, after Jon advocated the Kutiman video, we all got educated about the presumed “dangers” of flash cookies.
    Be interesting to see if this article prompts something informative in regard to xss scripting and it’s potential abuses, or just ends up as another RIAA “gotcha.”

  3. Jon Says:
    May 4th, 2009 at 10:08 pm

    @ Henry:

    “I mean, after Jon advocated the Kutiman video, we all got educated about the presumed ‘dangers’ of flash cookies.

    Actually, it was Crosbie Fitch who advocated the brilliant Kutiman video. I just followed him.

    Cheers!

  4. Reader's Write Says:
    May 4th, 2009 at 11:29 pm

    Fart, another “lost post”.

  5. United Hackers Association Says:
    May 5th, 2009 at 4:09 am

    last major hit was more funny

Leave a Reply

ONLY items referencing the post at hand, please. No links to personal sites, no personal attacks, trolling, freebie advertising, or off-topic posts. Thanks. And Cheers!

    Sponsored by
tek savvy