First of all I need to let you know that it is not within our practice to disclose vulnerabilities on specific online applications. However, given the fact that Pownce, the vendor, was responsibly informed and the fact that we believe that the issue is interesting enough to be discussed, we’ve decided to let you know about our findings. [...]
SPI Dynamics released a paper on how to port scan and do other cool stuff with JavaScript. I’ve found the paper quite interesting, so I decided to make my own port scanner in JavaScript. My aim was to build the port scanner small, cute, reusable and fast. After a couple of hours fiddling around with IMG tags and other DOM elements I came up with the following solution.
The code depends on your connection speed and might not be very accurate. [...]