Xavier Leune xavierleune

## oustream.html

<!DOCTYPE html>
<html>

    <head>
        <link rel="icon" type="image/png" href="/favicon.png">
        <script async src="//acdn.adnxs.com/prebid/not-for-prod/1/prebid.js"></script>
        <meta charset="utf-8" />
        <title>Prebid.js Outstream without Ad Server Demo</title>
        <meta name="viewport" content="width=device-width, initial-scale=1">

## mysqli_driver.php
<?php
$tainted = new \mysqli_driver();
$original = new \mysqli_driver();
var_dump($tainted->report_mode, $original->report_mode);
// $tainted: int(0)
// $original int(0)
$tainted->report_mode = 2;
var_dump($tainted->report_mode, $original->report_mode);
// $tainted int(2)
// $tainted int(2)

## crea.html
<body marginwidth="0" marginheight="0" id="ba_x02" style="margin-left: 0%; margin-right: 0%; margin-top: 0%; margin-bottom: 0%">
    <script>
    document.body.id = "ba_x02";
    </script>
    <!-- Creative 63146848 served by Member 1443 via AppNexus --><script type="text/javascript">function writeJS(doc){var str='';str += '<DIV STYLE="position: absolute; left: 0px; top: 0px; visibility: hidden;"><IMG SRC="https:\/\/pagead2.googlesyndication.com\/pagead\/gen_204?id=xbid&dbm_b=${BEACON_DATA}" BORDER=0 WIDTH=1 HEIGHT=1 ALT="" STYLE="display:none"><\/DIV><div><div style="position:relative; display:inline-block;"><script language=\'javascript\' src="https:\/\/googleads.g.doubleclick.net\/dbm\/ad?dbm_c=AKAmf-DG88-NW5ProXl9EeV9ykgK0ruQha88UGq6qInrTseKhIoo7KrqKcQqzBCFI3kjUe_IWNCJ&dbm_d=${BID_DATA}&pr=10:0&cid=${CID}"><\/script><script type="text\/javascript">\n  var tab_adloox_alerte_id_amnet=[\'${XBID_PUBLISHER_ID}\',\'${CAMPAIGN_ID}\',\'${XBID_CREATIVE_ID}\',\'${SOURCE_URL}\',\'${INSERTION_ORDER_ID}\',\'\',\'\'];\

## keybase.md

      
        
          
            
              
              1 file
            
          
          
            
              
              0 forks
            
          
          
            
              
              0 comments
            
          
          
            
              
              0 stars
            
          
        
        
          
              
          
          
            
                xavierleune
                / keybase.md
            
            
              Created
              April 2, 2017 15:25
            
          
        
      
        
  
      
    Keybase proof

I hereby claim:

I am xavierleune on github.
I am beoneself (https://keybase.io/beoneself) on keybase.
I have a public key whose fingerprint is 6761 58DB 5D4E 4071 C41E  D0C1 3F0A 3EDC B4A2 B78C

To claim this, I am signing this object:

	<!DOCTYPE html>
	<html>

	<head>
	<link rel="icon" type="image/png" href="/favicon.png">
	<script async src="//acdn.adnxs.com/prebid/not-for-prod/1/prebid.js"></script>
	<meta charset="utf-8" />
	<title>Prebid.js Outstream without Ad Server Demo</title>
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<?php
	$tainted = new \mysqli_driver();
	$original = new \mysqli_driver();
	var_dump($tainted->report_mode, $original->report_mode);
	// $tainted: int(0)
	// $original int(0)
	$tainted->report_mode = 2;
	var_dump($tainted->report_mode, $original->report_mode);
	// $tainted int(2)
	// $tainted int(2)
	<body marginwidth="0" marginheight="0" id="ba_x02" style="margin-left: 0%; margin-right: 0%; margin-top: 0%; margin-bottom: 0%">
	<script>
	document.body.id = "ba_x02";
	</script>
	<!-- Creative 63146848 served by Member 1443 via AppNexus --><script type="text/javascript">function writeJS(doc){var str='';str += '<DIV STYLE="position: absolute; left: 0px; top: 0px; visibility: hidden;"><IMG SRC="https:\/\/pagead2.googlesyndication.com\/pagead\/gen_204?id=xbid&dbm_b=${BEACON_DATA}" BORDER=0 WIDTH=1 HEIGHT=1 ALT="" STYLE="display:none"><\/DIV><div><div style="position:relative; display:inline-block;"><script language=\'javascript\' src="https:\/\/googleads.g.doubleclick.net\/dbm\/ad?dbm_c=AKAmf-DG88-NW5ProXl9EeV9ykgK0ruQha88UGq6qInrTseKhIoo7KrqKcQqzBCFI3kjUe_IWNCJ&dbm_d=${BID_DATA}&pr=10:0&cid=${CID}"><\/script><script type="text\/javascript">\n var tab_adloox_alerte_id_amnet=[\'${XBID_PUBLISHER_ID}\',\'${CAMPAIGN_ID}\',\'${XBID_CREATIVE_ID}\',\'${SOURCE_URL}\',\'${INSERTION_ORDER_ID}\',\'\',\'\'];\