Author Topic: MSN's Censorship (err, security)  (Read 3592 times)

0 Members and 1 Guest are viewing this topic.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
MSN's Censorship (err, security)
« on: August 05, 2007, 02:28:03 pm »
So last week on worsethanfailure.com, it was reported that Windows Live Messenger was blocking all text with ".scr" in it, which includes the JavaScript code ".scrollto". Of course, this is mainly because, on Windows, a .scr file is a .exe file in disguise.

On Adium, they're compiled a list of all text that Microsoft blocks:
http://trac.adiumx.com/wiki/MSNCensorship

To save some trouble, here are the strings they've found so far:
    * .info
    * profile.php? (including ‘?’)
    * download.php? (including ‘?’)
    * gallery.php
    * pics.php
    * ListAllTopics.php
    * .scr (source)

I'm not really sure what good this does. Guess it's good for a false sense of security. :)

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: MSN's Censorship (err, security)
« Reply #1 on: August 05, 2007, 02:33:32 pm »
Wow, that's ridiculous!

I like how the article you link uses the term "Memory Hole." :)

Offline Hitmen

  • B&
  • x86
  • Hero Member
  • *****
  • Posts: 1913
    • View Profile
Re: MSN's Censorship (err, security)
« Reply #2 on: August 06, 2007, 06:44:50 am »
Code: [Select]
For anyone that's wondering about this, here's a full list of everything that's censored:
    .pif
    .scr
    grouppicture.php
    groupicture.php
    gallery.php
    staff.php
    pics.php
    rottentomatoes.us
    msn.php\?email=
    download.php
    www.baratinha.mypets.ws
    www.messangerstats.net
    www.messengertools.org
    www.stuffplug.com/temp/downgrdr.exe
    69.56.129.67/gift.com
    xmas-2006
    miralafoto/foto.exe
    168.169.78.19
    profile.php\?
    tufoto
    www.hornymatches.com
    www.iwantu.com
    www.block-checker.com
    verti2/fantasma.zip
    www.amigosparasempre.smtp.ru
    www.amigosparasempro.smtp.ru
    armazfiles.smtp.ru
    www.chinacircle.com
    www.mensagemparavc.mail15.com
    www.mprofiles.net/members.php\?msn=
    www.930le.com
    www.66663.cn
    www.shusu.cn
    www.1717wan.cn
    www.995ba.com
    www.mydipan.cn
    www.51kongqi.com
    www.94nile.com/apple
    sweetpictures.myphotos.cc/katiesex.pif
    201.22.6.4/fotos/safada.html
    www.life365.com
    www.photogbase.com/pictures.php\?photo656.jpg
    chnstudio.com/upload/impluse.exe
    shurl.org/myhomepage
    p1377.pic-myspace.info
    www.mypengyou.com
    pic831.mp3-myspace.com
    www.51pingguo.cn
    88chi.com
    nihao52.com
    81copy.com
    myonlinecam.net
    77885.cn
    51zhaogu.com
    51shejiao.cn
    gangen.cn
    wangw.cn
    uglyphotos.net
    funpic.de
    505united.com
    t35.com
    quicknews.info
    symantec.com/security_response/writeup.jsp\?docid=2004-120714-0643-99
    members.lycos.co.uk/svy21/t/contact.php
    sonresimler1.googlepages.com/ozelresimler.htm
    viotagallery.com
    www.spotyourface.net/main/pictures/sexy
    image001.png
    image002.gif
    funbuddyicons.com
    wellwell.biz
    casedinjertionkderunhdaseo.com
    jertionkdewiondaserunf.com
    butuinkdesionmas.com
    imp.exe
    bush-gracioso.exe
    www.windowslivemessenger.biz/msn/msn.php
    memebers.lycos.co.uk/getmessenger
    get-messenger
    belgravehelpdesk.com
    xpimad.com
    album.zip
    malbranche.goracer.de
    albrahem.com
    improfile.net
    unknowntools.com
    www.dreamlife365.com/member/
    hetandunhasde.com
    www.mensageirovirtual.land.rup



lol @ http://www.symantec.com/security_response/writeup.jsp?docid=2004-120714-0643-99 being blocked. Shhh, don't tell anyone about the adware!
Quote
(22:15:39) Newby: it hurts to swallow

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: MSN's Censorship (err, security)
« Reply #3 on: August 06, 2007, 08:58:01 am »
lol @ http://www.symantec.com/security_response/writeup.jsp?docid=2004-120714-0643-99 being blocked. Shhh, don't tell anyone about the adware!
Well, it's an anti-MS adware, we can't have people thinking MSN is insecure!