lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Tue, 15 May 2007 02:46:50 +0200 (CEST)
From: samelinux@...il.com
To: Bug traq list <bugtraq@...urityfocus.com>
Subject: RE: Apple Safari on MacOSX may reveal user's saved passwords

It may be possible to exploit this if a user download and execute an 
applescript, i think not directly from a website cause if from a website 
it would be an XSS, right?

--
Luchino - Samel
"Close the world,txen eht nepo!"
"Yuo will never break my mind!"

On Mon, 14 May 2007, mailbox@...tinelli.com wrote:

> It may be possible to exploit this by simply accessing a malicious
> website, but I have not tested this.
>
> Anyone willing to give it out a shot?
>
> Thanks,
> John Martinelli
>
> redlevel security
> redlevel.org - security training, consultation, and more.
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ