[Kitetoa, les pizzaïolos du Ouèb

Doubleclick - round 3: the official response

Untruste1.jpg (9416 octets)

  navbar Doubleclic
Devenez un technicien chez

Become a tech guy at
Doubleclick Round 4
Lisez mes mails, oups...,
sur mes lèvres: "nous
Read my mails, oops...,
my lips: "we are fixing
this mess"

Doubleclick Round 3
La réponse officielle
The official response

Doubleclick Round 2
Bases de données non

Unprotected databases...
Doubleclick Round 1
Hacké depuis 2 ans?
Hacked for 2 years?
nav bar recap admins
Récapitulatif des papiers
sur le monde étrange
des administrateurs réseau
et systèmes
Récapitulatif de nos
copies d'écran
sur ce même monde étrange
Cette page n'est plus mise à jour
depuis août 2001
Taijiquan style Haking (dot com)
Sasak style Haking (dot com)
Le Match Kitetoa versus
Ugly Discoursmarketing
It's a funky job.
But Kitetoa's digital clone
does it...
Do you know info-hack
La hotte du Kitetopapanoël
Ze Mega Kite-Teuf!
La fête de l'été de Kitetoa...
Les sites les plus nazes
de l'été 2000
La Loi de 78 impose
aux entreprises de protéger
les bases de données qu'elles
Better today than never... We finally saw an official DoubleClick's answer :

"We are currently in the middle of completing our due diligence pertaining to this situation. We expect this to be completed next week; at which time we will begin to make the necessary changes in order to ensure that the site is secure"

Beware, this is not an official and public response. Nope, just an ordinary answer to those who continually ask DoubleClick : "hey bud, is it true that your servers are full of good old bugs ?"

So, they'll take one week to read what follows, and verify wether their servers are vulnerable to these good old tricks :


By the way, DoubleClick tells journalists who ask for some kind of precisions that nothing's vulnerable... As usual, DoubleClick's clients have nothing to fear.

Of course.

If you want to exploit the bugs on the servers, you'll be a cracker and will go to jail (or something similar). We are no crackers. So we won't.

For those who are interested in cracking an who want to go to court and be condemned, here's the modus operandi which will prove that DoubleClick's servers are vulnerable, that one can put sniffers in it, and take back sensitive informations about their clients.

Scan all of the IP address (from one to 254), look for IIS web servers (and NT servers which seem to be very tasteful). Test the unicode bug. Search the "Unitools" package in Bugtraq, which have been submitted by Roelof W Temmingh in a post on Thursday the 25 of january 2001. Launch the scripts... That's it... You've probably hacked DoubleClick. Upload the t00lz you want. In a few days, you'll have all the logins and passwords you'll ever want to posess, but never dare to ask for. In a few months, you'll be condemned for cybercriminality... But, at least, you'll prove that DoubleClick, if one closely read their oficial response, take every body for dummies.




Liens de navigation

Naviguer, lire....

Page d'accueil


Le Sommaire



Le Forum

Nous écrire

Les mailing-lists

Les stats du serveur

Qui sommes-nous?

Les rubriques!

Les livres publiés par Kitetoa

Les interviews


Fonds d'écran et autres trucs

Les rubriques!




la malle de Kitetoa
(vieilleries du site)

Les dossiers

Le monde fou des Admins

Tati versus Kitetoa

Tegam versus Guillermito

Malade mental...

Qui est Jean-Paul Ney,
condamné pour
menaces de mort
réitérées contre Kitetoa?

Le texte de la condamnation
de Jean-Paul Ney
(résumé html)
(complet pdf)

Malade mental, bis repetita

Jean-Paul Ney condamné
pour diffamation
à l'encontre du webmaster
de Kitetoa.com

Condamnation de Jean-Paul Ney
pour diffamation (pdf)

D'autres choses...



L'association Kite-Aide


sur le site

et sur le Net...

Jean-Paul Ney

Jean-Paul Ney