The man responsible for unleashing what is believed to be the first self-propagating cross-site scripting worm has pleaded guilty in Los Angeles Superior Court to charges stemming from his most infamous hacking.
Samy Kamkar, who was 19 when he unleashed the attack on MySpace.com in October 2005, was sentenced to three years of probation and ordered to perform 90 days of community service, according to a MySpace statement released Wednesday.
Kamkar also must pay an undisclosed amount of restitution to MySpace, and he is banned from accessing the internet for personal reasons for an unknown amount of time, according to the statement.
Kamkar, using a programming technique known as Asynchronous JavaScript and XML(AJAX) that permitted browsers to execute malicious code, was able to circumvent MySpace’s strong JavaScript filters.
So checking eval'd text isn't necessary to have a "strong" Javascript filter...