[CrackMonkey] On <script> exploits

Jason Sopko jason at sopko.net
Sun Apr 30 18:42:55 PDT 2000

I know that Verio blocked routes to your domain due to you having
'malicious code' on your website. Just as a thought, you can go to most
search engines and search for a <script> tag, whereupon it will execute
the script. It won't work with google.com, but it does work with directhit.com and
lycos.com. Saying that, you could email a link to someone and have
lycos.com 'execute malicious code' on their machine. Such as
- or other various scripts. I don't know if this was discovered before,
but I found it amusing.


More information about the Crackmonkey mailing list