Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Anonymous surfing my ass! (goproxy too)
From: full-disclosure () lists netsys com (Berend-Jan Wever)
Date: Sun, 14 Jul 2002 02:37:52 +0200

This is a multi-part message in MIME format.

------=_NextPart_000_001A_01C22ADF.737B76E0
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

While checking if I really tried all the services I can find with =
google, I discovered goproxy. (www.goproxy.com) They were gone within 60 =
seconds too. Same old same old, forgot to take out the expression() =
DHTML.

----- Original Message -----=20
  From: Berend-Jan Wever=20
  To: webmaster () www the-cloak com ; Full Disclosure (netsys) ; =
security () anonymizer com ; bugs () megaproxy com=20
  Sent: Sunday, July 14, 2002 2:15
  Subject: [Full-disclosure] Anonymous surfing my ass!


  (html: =
http://spoor12.edup.tudelft.nl/SkyLined%20v4.2/?Advisories/Anonymous =
surfing, NOT!)

  Anonymous surfing websites are written by incompetend programmers keen =
on your money and not your privacy; I tested a few of them and found =
them wanting:
  - Anonymizer.com (I have hacked my way out of Anonymizer 4 times =
before and they still lack proper filtering!)
  - The-cloak.com
  - Megaproy.com
  These were all the sites I found with google and could get acces to =
without registering, if you know some more, I'd be happy to hack my way =
out of their filters.
  I'd like to mention that all filter faults were found within minutes, =
just to show (off) how easy this was.

  Vendor status: hereby informed of the issue.

  Berend-Jan Wever aka SkyLined
  http://spoor12.edup.tudelft.nl

  PS. I'm going on a holiday, so I won't respond to any replies for =
about a week. Though luck!

------=_NextPart_000_001A_01C22ADF.737B76E0
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2716.2200" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>While checking if I really tried all =
the services I=20
can find with google, I discovered goproxy. (<A=20
href=3D"http://www.goproxy.com";>www.goproxy.com</A>) They were gone =
within 60=20
seconds too. Same old same old, forgot to take out the expression()=20
DHTML.</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV>----- Original Message ----- </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
  <DIV=20
  style=3D"BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: =
black"><B>From:</B>=20
  <A title=3DSkyLined () edup tudelft nl=20
  href=3D"mailto:SkyLined () edup tudelft nl">Berend-Jan Wever</A> </DIV>
  <DIV style=3D"FONT: 10pt arial"><B>To:</B> <A =
title=3Dwebmaster () www the-cloak com=20
  =
href=3D"mailto:webmaster () www the-cloak com">webmaster () www the-cloak com</=
A> ; <A=20
  title=3Dfull-disclosure () lists netsys com=20
  href=3D"mailto:full-disclosure () lists netsys com">Full Disclosure =
(netsys)</A> ;=20
  <A title=3Dsecurity () anonymizer com=20
  href=3D"mailto:security () anonymizer com">security () anonymizer com</A> ; =
<A=20
  title=3Dbugs () megaproxy com=20
  href=3D"mailto:bugs () megaproxy com">bugs () megaproxy com</A> </DIV>
  <DIV style=3D"FONT: 10pt arial"><B>Sent:</B> Sunday, July 14, 2002 =
2:15</DIV>
  <DIV style=3D"FONT: 10pt arial"><B>Subject:</B> [Full-Disclosure] =
Anonymous=20
  surfing my ass!</DIV>
  <DIV><BR></DIV>
  <DIV><FONT face=3DArial size=3D2>(html: <A=20
  =
href=3D"http://spoor12.edup.tudelft.nl/SkyLined%20v4.2/?Advisories/Anonym=
ous surfing, =
NOT!">http://spoor12.edup.tudelft.nl/SkyLined%20v4.2/?Advisories/Anonymou=
s=20
  surfing, NOT!</A>)</FONT></DIV>
  <DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
  <DIV><FONT face=3DArial size=3D2>Anonymous surfing websites are =
written by=20
  incompetend programmers keen on your money and not your privacy; =
</FONT><FONT=20
  face=3DArial size=3D2>I tested a few of them and found them =
wanting:</FONT></DIV>
  <DIV><FONT face=3DArial size=3D2>- Anonymizer.com</FONT><FONT =
face=3DArial size=3D2>=20
  (I have hacked my way out of Anonymizer 4 times before and they still =
lack=20
  proper filtering!)</FONT></DIV>
  <DIV><FONT face=3DArial size=3D2>- The-cloak.com</FONT></DIV>
  <DIV><FONT face=3DArial size=3D2>- Megaproy.com</FONT></DIV>
  <DIV><FONT face=3DArial size=3D2>These were all the sites I&nbsp;found =
with google=20
  and could get acces to without registering, if you know some more, I'd =
be=20
  happy to hack my way out of their filters.</FONT></DIV>
  <DIV><FONT face=3DArial size=3D2>I'd like to mention that all filter =
faults were=20
  found within minutes, just to show (off) how easy this =
was.</FONT></DIV>
  <DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
  <DIV><FONT face=3DArial size=3D2>Vendor status: hereby informed of the =

  issue.</FONT></DIV>
  <DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
  <DIV><FONT face=3DArial size=3D2>Berend-Jan Wever aka =
SkyLined</FONT></DIV>
  <DIV><FONT face=3DArial size=3D2><A=20
  =
href=3D"http://spoor12.edup.tudelft.nl";>http://spoor12.edup.tudelft.nl</A=
</FONT></DIV>
  <DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
  <DIV><FONT face=3DArial size=3D2>PS. I'm going on a holiday, so I =
won't respond to=20
  any replies for about a week. Though=20
luck!</FONT></DIV></BLOCKQUOTE></BODY></HTML>

------=_NextPart_000_001A_01C22ADF.737B76E0--



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]