LookingGlass v1.3.0

Пульс
Вышло обновление скрипта, закрывающее XSS
It was brought to my attention last week that an RDNS XSS could exploit LookingGlass. As it turns out, illegal characters are not filtered on a lower level (as RFC1034 would suggest).
LookingGlass was vulnerable as it simply outputs the contents from a terminal. The fix applied uses htmlspecialchars() to filter stdout from terminal.

1.3.0 (2015-01-25)
  • Fix RDNS XSS
  • Fix ' ' being escaped by temporary patch (SHA a421a8e)
  • Fix 'REQUEST_URI' XSS (URL is now hard-coded via config)
  • Catch error when using IPv6 hostname with IPv4 command, and vice versa
  • Added .htaccess (fixes readable subdirectory)
  • Added sample Nginx configuration (fixes readable subdirectory)
  • GNU shred to create test files (fixes gzip and ssl compression)
  • Update configure.sh (add site url, sudo for centOS, and user:group chown)
  • Update cerulean and united to Bootstrap v2.3.2
  • Update readable and spacelab to Bootstrap v2.2.1
  • Update Jquery to v1.11.2
  • Update XMLHttpRequest.js

github.com/telephone/LookingGlass
github.com/telephone/LookingGlass#updating

Сборник LookingGlass

Технические топики
lg.gldn.net Билайн
lg.transtk.ru lg.ttk.ru lg.ttknn.net ТТК
net.mail.ru/looking_glass.html mail.ru
lg.kvant-telecom.ru
lg.megafon.ru Мегафон
www.msk-ix.ru/network/lookingglass.html msk-ix
www.ix.ru/spb/network/lookingglass.html spb-ix
ix.atrato.com/lg/ Atrato IX Monitoring AS 60666

lg.selectel.ru
hetzner-lg.com
lg.de-cix.net
lg.oversun.ru/
noc.caravan.ru/cgi-bin/lg.cgi
lg.atservers.com/ (activecloud)

dataix.ru/rus/s/11/looking_glass.html
lg.retn.net
looking-glass.telia.net
lg.obit.ru
noc.runnet.ru/lg
lg.edpnet.net
lg.mtu.ru/cgi-bin/lgform.cgi
lg.version6.net
lookingglass.level3.net
hub.interoute.com/lookingglass.aspx

Глобальные списки
lg.he.net
www.lookinglass.org
www.traceroute.org/#Russia

lg.vpsrealm.com Montreal, Canada
lg.filemedia.net Frankfurt, Germany (Global Switch)
de-lg.saulhost.com Frankfurt, Germany
lg.syscentral.de Frankfurt, Germany
de.lg.afterburst.com Nuremberg, Germany
lg.ransomit.com.au Adelaide, Australia
lg.ceuservers.net Zlin, Czech Republic
dal.lg.ssdvirt.com Dallas, Texas
nl.fusioned.net Dataplace, Alblasserdam (NL)
lg.servercrate.com Dallas, TX
www.frozenink.net Atlanta (hera), Vegas (zeus)
lg.datarealm.com Scottsdale, AZ
lg.sonicvps.com Las Vegas, Nevada (Fiberhub Data Centre)
lookingglass.scan-host.com Lenoir, North Carolina, USA
as53767.net/lg.php Phoenix NAP, Phoenix, AZ, USA
lg.datafabrik.de Frankfurt am Main, Germany (FRA4)
lg.rackplace.de Frankfurt am Main
ru.edis.at Moscow, Russia
it.ahost.eu/ Milano, Italy



Пополняем, наполняем, как обычно пост-список