| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 3 Jan 2007 02:58:40 -0500 From: "Stan Bubrouski" <stan.bubrouski@...il.com> To: "moniker monikerd" <monikerd@...il.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Google's blacklisted url database (phishing url database) You're forgetting that gmail has a feature to report phishing messages, that alone could give google quite a list of phishing sites given its userbase. -sb On 1/2/07, moniker monikerd <monikerd@...il.com> wrote: > > i see only two possible ways for google to get this kind of data. > > google toolbar > or it buys/gets this information from some isp/companies/anybody with a big > enough pipe .. > > > > > > > > > > > On 1/2/07, php0t <php0t@...ro.hu> wrote: > > > > > > How exactly does such data get captured? Somebody placed a link > > > somewhere with the url having the user/password in it ? What would be > > > the point of that? And if not, where did that come from? I peeked at > > > > http://www.google.com/tools/firefox/safebrowsing/faq.html > to learn more > > > but it only has obvious info. > > > > > > > > > > > > -----Original Message----- > > > From: full-disclosure-bounces@...ts.grok.org.uk > > > [mailto:full-disclosure-bounces@...ts.grok.org.uk] On > Behalf Of JM > > > Sent: Tuesday, January 02, 2007 11:17 PM > > > To: full-disclosure@...ts.grok.org.uk > > > Subject: Re: [Full-disclosure]Google's blacklisted url database > > > (phishing url database) > > > > > > > > > > > > I just played around a bit with those lists and as it seems, Google did > > > a splendid job, even capturing some people's login data. Like here: > > > > http://sb.google.com/safebrowsing/update?version=goog-black-url:1:7753 > > > > > > Regards, > > > J.M. > > > Professional Lurker > > > > > > >[By] "Rajesh Sethumadhavan" < rajesh.sethumadhavan@...oo.com> > > > >[Date] Dienstag, 2. Januar 2007 18:42 > > > >[To] full-disclosure@...ts.grok.org.uk > > > >[Subject] [Full-disclosure] Google's blacklisted url database (phishing > > > url > > > >database) > > > > > > > > It is possible to access google`s blacklisted url database ( phishing > > > > url database ) > > > > > > > > > http://sb.google.com/safebrowsing/update?version=goog-black-url:1:1 > > > > > http://sb.google.com/safebrowsing/update?version=goog-black-url:1:7998 > > > > > > > > > http://sb.google.com/safebrowsing/update?version=goog-white-domain:1:19 > > > ,goo > > > > >g-white-url:1:371,goog-black-url:1:7693,goog-black-enchash:1:15282 > > > > > > > > > > > > This database (Part of Google Safe Browsing) can be used in any > > > > anti-phishing commercial softwares :) > > > > > > > > Regards > > > > Rajesh Sethumadhavan > > > > http://www.xdisclose.com > > > > > > _______________________________________________ > > > Full-Disclosure - We believe in it. > > > Charter: > http://lists.grok.org.uk/full-disclosure-charter.html > > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > > > > > > > > > > > _______________________________________________ > > > Full-Disclosure - We believe in it. > > > Charter: > http://lists.grok.org.uk/full-disclosure-charter.html > > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: > http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists