lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Aug 2010 12:29:22 +0000 (GMT)
From: White Snow <whit3.sn0w@...oo.de>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Facebook name extraction based on
email/wrong password + POC
When you are signed in to Facebook there is a feature which lets you upload your
whole address book and will tell you if it found any of your friends. That way
you can check many addresses and don't have to worry that they will present you
with a captcha at the login form.
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/