Tuesday, January 23, 2007

AJAX Worm Database Kicks Off

Via gnucitizen.org -

In October 2005, a flaw in the MySpace’s site design was exploited by a user only known as “Samy” to create the world’s first self-propagating cross-site scripting worm. MSNBC has also reported that MySpace is a “hotbed” for spyware, and that infection rates are rising because of MySpace. In addition to this, the customization of user pages currently allows the injection of certain HTML which can be crafted to form a phishing user profile. Wikipedia

The purpose of this project is to collect various AJAX worms. Worm submissions must follow certain format which is:
  • Worm name - It must be enclosed inside

    [atom name here]

    tags.
  • Worm description - It must start on a new paragraph.
  • Worm code - It must be enclosed inside
    [atom code here]
    tags. If the worm is composed from more then one segments, each one of them must be separated by [segment name or id] on a new paragraph.
  • Worm tags - It mus be a comma separated string.

No comments:

Post a Comment