lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 25 Aug 2004 06:14:57 -0700 (PDT)
From: Punabi MC <punj4b1_mc@...oo.com>
To: bugtraq@...urityfocus.com
Subject: Anonymous Surfing Via Gmail Login Window - Poor Sanitization


Anonymous Surfing Via Gmail Login Window - Poor
Sanitization

User can do anonymous surfing (apart form other cool
tricks) from Gmail login window. The window is small,
still checking your mails via google is phun. :)
1. Open
https://gmail.google.com/?dest=http%3A%2F%2Fblablabla.
2. The login window will display an error page.
3. Click on it.
4. Now user is directed to google.com
5. Rest you can log in anonymously via google search
engine. You can browse this window using Arrow Keys.

Regards
Punjabi MC

----

Je kade na Ranjah kan padvonda, 
                        je Heer khavandi churi na.
Mirze ne fer marna ki si, 
                        je hundi majboori na.


		
_______________________________
Do you Yahoo!?
Win 1 of 4,000 free domain names from Yahoo! Enter now.
http://promotions.yahoo.com/goldrush

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ