YouTube home Comedy Week on YouTube
Upload

#RefRef executed in Perl - Anonymous

AnonWiki AnonWiki·7 videos
1,191
42,541
Like     Dislike 7

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to like AnonWiki's video.

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to dislike AnonWiki's video.

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to add AnonWiki's video to your playlist.

Uploaded on Aug 9, 2011

AnonOps
AnonHispano
AnonSpain
AnonWiki

Ratings have been disabled for this video.
Rating is available when the video has been rented.
This feature is not available right now. Please try again later.

All Comments (112)

Sign in now to post a comment!
  • Max Govanni

    Max Govanni 3 months ago

    Ahm... no i know much more vulnerabilitys but RefRef just works with SQLi... i thought if you talk about taking down FB under RefRef you want to use RefRef for it ;-)

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Max Govanni's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Max Govanni's comment.
    in reply to Lester Pollack (Show the comment)
  • Lester Pollack

    Lester Pollack 3 months ago

    lol... only vuln you know??? hahahaha. SQL = Skilless Quality LameAssAttack

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Lester Pollack's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Lester Pollack's comment.
    in reply to Max Govanni (Show the comment)
  • Lester Pollack

    Lester Pollack 3 months ago

    LoL. You can't argue code with a script kiddie. He doesn't know what it's doing. He can't mod it. He can't make his own. He can just run a perl app from a terminal and type perl vuln.pl -whatevervaribleallowedforthes­cript whatheveraddy enter. And than go to IRC and be like I ma 1337. and 99.9% of the time they don't even know -whatevervaribleallowed so they just run some shitty scripts they don't know how to use. Next time he needs to you 127.0.0.1 . as well as type del *.*

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Lester Pollack's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Lester Pollack's comment.
    in reply to Nathan Palmer (Show the comment)
  • Nathan Palmer

    Nathan Palmer 5 months ago

    I don't need to believe you, I already know how it works. You didn't have to reply to me explaining what it is. That is like if you were gardening and I just started explaining how plants grown and then acted like you would've never known. lol. Telling me what I already know. Re-read what I said because I never said it wasn't an exploit.

    P.S. I'm 110% sure it is a JS/SQL vulnerability. I have a copy of #RefRef for studying purposes and I just looked it up to re-check what I already know.

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Nathan Palmer's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Nathan Palmer's comment.
    in reply to Max Govanni (Show the comment)
  • Max Govanni

    Max Govanni 5 months ago

    The vulr in Java has not been closed yet. Its a single code making the server crashing itself by opening to many processes. The EXPLOIT is done by a SQL-Vulr using a single packet. Thats it, believe me or not

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Max Govanni's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Max Govanni's comment.
    in reply to Nathan Palmer (Show the comment)
  • Nathan Palmer

    Nathan Palmer 5 months ago

    I know that using one single packet won't overload the server, and it's actually a JavaScript vulnerability... A vulnerability which causes excessive bandwidth load and temporarily downs the server. Confusing Java and JS and you're calling me a "n00b"?? Hahaha..

    My comment was more or less out there for the people who for downloading programs like this and LOIC and then call themselves hackers. RefRef also doesn't work on most sites anymore if I'm not mistaken.

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Nathan Palmer's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Nathan Palmer's comment.
    in reply to Max Govanni (Show the comment)
  • Max Govanni

    Max Govanni 5 months ago

    ??????? It depends on website u attack man -_-' some r low secured, some r well secured... ;-)

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Max Govanni's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Max Govanni's comment.
    in reply to Hubarzus (Show the comment)
  • Hubarzus

    Hubarzus 5 months ago

    And let me guess: It's fixed since years.

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Hubarzus's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Hubarzus's comment.
    in reply to Max Govanni (Show the comment)
  • Max Govanni

    Max Govanni 5 months ago

    This is true man. But your target needs to have a SQL-Vulr for this to work.

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Max Govanni's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Max Govanni's comment.
    in reply to Hubarzus (Show the comment)
  • Max Govanni

    Max Govanni 5 months ago

    -_- Refref can't be reason for a bandwitch overload, because all you do is sending a SINGLE packet!! The rest happens on the server, its a vulr. in Java, exploited at the targets server using SQLi. u r the n00b man ;-)

    ·

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Max Govanni's comment.

    Sign in to YouTube

    Sign in with your YouTube Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to rate Max Govanni's comment.
    in reply to Nathan Palmer (Show the comment)
  • Loading comment...
Loading...
Advertisement
Loading...
Working...
Sign in to add this to Watch Later