On Fri, 15 Aug 2008, r3d.w0rm@xxxxxxxxx wrote:

(pardon the late reply)

: #!user/bin/python
: # -*- coding: cp1256 -*-
: #####################################################################################
: #### munky-bliki Lfi ####
: #####################################################################################
: # #
: #AUTHOR : IRCRASH (R3d.W0rm (Sina Yazdanmehr)) #
: #Discovered by : IRCRASH (R3d.W0rm (Sina Yazdanmehr)) #
: #Our Site : Http://IRCRASH.COM #
: #IRCRASH Team Members : Dr.Crash - R3d.w0rm (Sina Yazdanmehr) #
: #####################################################################################
: # #
: #Script Download : http://kent.dl.sourceforge.net/sourceforge/munky/munky-bliki-0.01a.tar.gz

Googling for "munky-bliki" gets nothing but references to this post. This is not the first 'sourceforge project' that doesn't exist within a month of a vulnerability disclosure.

http://sourceforge.net/search/?type_of_search=soft&words=munky-bliki

Search results in projects found for "munky-bliki"
Search Help
Results 1 - 0 of 0

If you broaden the search for "munky", you get the page intended I think though?:

http://sourceforge.net/projects/munky/

But, you fail to specify:

Last Update: Jan 03 2005

So in essence, you are taking 3+ year old software, that was in version 0.01a, and posting a vulnerability in it. You do not include the official project name (mUnky), home page, release date, affected script or anything else that would allow someone to easily validate this finding.

: #DORK : "Copyright © 2004 Dovid Kopel" #

No hits on the first page. How is it that so many posts to Bugtraq/F-D involve software that doesn't appear to exist, or be used by anyone reachable by Google?

: #####################################################################################
: # Site : Http://IRCRASH.COM #
: ###################################### TNX GOD ######################################

Yet, you can find the time to type in your domain/name at least 4 times in this post..

Someone recently pointed out that 'vulnerability disclosures' like this may actually be a form of covert broadcast designed to manipulate search engines.

Personally, I think any post to Bugtraq should now be screened, and if the vendor's home page is not included, drop the post.

How about you spend less time picking 'cool' nicknames, less time developing two web sites (ircrash.com, r3dw0rm.ir) and more time posting legitimate research that involves less ego.

Thanks!

- jericho