BUY A SHIRT!
The ED TShirt Shop is open for business! Use discount code ED2009 for 10% off! Click here to shop. ED5 Pollfest is going on now! Register a forums accounts and help us find the best article in the five year history of Encyclopedia Dramatica. Check out the three polls running today: [1] [2] [3]

From Encyclopedia Dramatica

GodTube is was a free video sharing website that is asking for it. GodTube.com is basically the trollers' gift that keeps giving. Much like JewTube, but which specializes in Christian-themed videos which Blu Aardvark is "so down for". In particular, GodTube has been compared to Conservapedia, a Christian conservative encyclopedia opposed to Wikipedia, and MyChurch (LOL), a Christian version of MySpace.

GodTube was founded by some god-fearing cunt, Chris Wyatt, who is currently a student at Dallas Theological Seminary. Word on the street is Chris Wyatt was formerly a TV producer for CBS show Kid Nation. GodTube is privately funded by investors, and dumbfucks who think evolution shouldn't be taught in schools.

Contents 1 Controversy 2 Godtastic Videos From The GodTube 3 Broadcast Him Invasion 3.1 The Invasion Begins 4 Related Articles 5 Resources

Controversy

Christian Russ Seehafer posted a video criticizing the site as founded on hubris and theological arrogance saying that "It is beyond me how anyone can claim to be so down with our maker that they are able to slap his approval on anything they deem 'christian'." The video appeared on the front page of the site and was subsequently removed. It was then reinstated with a comment from GodTube's CEO.

It is also notable that supposedly VK411 is hiding out somewhere on the site.

A question that some of these god fearing fucks will never answer is, where is your Jesus while your priests are raping little boys? 'Jesus saves'? Tell that to the little boys who were assraped in Church. But hey, as long as it's in the name of the God, It's awwright!

Godtastic Videos From The GodTube

• Atheism is shown to be without merit in 65 oddly arousing seconds (He has an accent, it must be true!)
• Anti-Abortion gatherings? Prayer Warriors? Chalk? Sounds like fun!
• Summer Camp, that battlefront for young impressionable souls.
• Beat off the pornographers who have entered into your frineds and family.
• Harrowing new movie trailor about the rising tide of homosinsuality.
• Thank God I have the uncoerced choice of choosing my master. Now I can have adventures with Jesus!

Broadcast Him Invasion

Various Anonymous groups (such as 420niggertits) were alerted to the existence of GodTube, and finally someone dropped LSD here [1].

The Invasion Begins

GodTube's site search, which can be used to find videos, groups,
and users, does not correctly sanitize its input. The problem however 
is using normal ASCII characters inside of any quote (single, or double)
will cause the page to output a script error, which will keep the 
vulnerability's payload from executing. In this example I converted

'location.href="http://www.awesomeandrew.net/"'
into its decimal equivalent 
for each character in the string, and then had it evaluated inside of 
the String.fromCharCode function to help it execute. Therefore when 
using this example in vulnerable URL you'll force an instant redirection 
to a new location.
A similar vulnerability is found within the login page, which 
is accessible whether the user is logged out, or currently 
logged in. The above example simply alerts the user with their 
cookie data (if the cookie exists), but could obviously be used 
for much greater, or malicious purposes such as phishing, stealing
cookie data, altering user information, installing third-party 
malware, or just about anything else that's possible using a computer.
The input goes unsanitized again, but using quotes with ASCII characters
inside will cause a script error again so String.fromCharCode must
be used when quotes are required.
Another vulnerability just like the other reflective cross-site 
scripting holes I've already found, but inside the user signup page.
In this instance however I forego the String.fromCharCode, and use 
the eval function to evaluate statements made after the URL's fragment
identifier (the hash symbol, or "#"). Using the script placed within 
the vulnerable area an evaluation is made on the data following the URL,
which is then executed as the payload. As with an cross-site scripting 
vulnerability this can be used for an array of purposes.

[2]

Related Articles

• Christianhillbilly
• MyChurch
• God

Resources

• GodTube.com

GodTube is part of a series on Web 2.0

Web 2.0 • Social networking • Social networking sites • Blogging • Blogosphere • PHP • Hypercube • Podcasting • Wikiing • Ajax • Ruby on Rails • Internet Humanitarianism • X is not your personal army • User-generated content • ITunes Store Web 2.0 Sites bebo | Blingee | Blogtv | Broadcaster | chacha | DeviantART | Del.icio.us | digg | facebook | Farm Town | gossip report | Hulu | justin.tv | last.fm | livejournal | livevideo | mycrib | MySpace | Ning | slashdot | stickam | Twitter | wikipedia | xanga | yahoo! answers | YouTube | ytmnd People of Web 2.0 Tom Anderson | Steve Chen | Brad Fitzpatrick | Max Goldberg | Michael Crook | Iain Hall | Chad Hurley | Kevin Rose | Kathy Sierra | Jimmy Wales | You | Mark Zuckerberg