| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 19 Feb 2007 12:54:36 -0500 From: <auto400208@...hmail.com> To: <bugtraq@...urityfocus.com> Cc: <full-disclosure@...ts.grok.org.uk> Subject: Re: Drive-by Pharming Threat -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I am curious as to how one "automatically" logs on? 1. Internet Explorer disallows username:pass@http://192.168.1.0 2. Opera has a very clear warning that you are logging on 3. Firefox has a very clear warning that you are logging on Are there any other methods to log on without any warning? If so does it work with Internet Explorer? Also when you do reset or change parameters in the router, does it not require a reboot of the router (auto after you hit save), whereby your connection is lost for x amount of time? 1. Unless there are methods to log on without any warning you will be informed of this, and 2. After you are informed you will lose your connection for a short period with a notification of same. Not exactly clear to me where this drive-by aspect comes into play. Also not to mention find a method to cross domains into the routers html, for each and every router out there. - -- -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.5 wpwEAQECAAYFAkXZ5GEACgkQ8swcuoVgWHA9/wP6AkhU8AvZfanE09WC2p0PPvlhBR49 AuVwNN4/QcgutQkG5UEWlfTki7NKIcNsEm2Hximktd4vo3AaH7+4ToRZ60UnAiYI0rM1 IUQj5+ts9eSiWMbSLUFyH9iPLlQEu2V8ADGi+2nGpfmEYh8/FtW98W5zHdM68JQCDXuM D0lwqao= =IapJ -----END PGP SIGNATURE----- -- Click for free info on human resource careers and make $150K/ year http://tagline.hushmail.com/fc/CAaCXv1I7UeCkIloqJbXWpQfvPyDA0JL/
Powered by blists - more mailing lists