| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6E4E9A51D91C044F9879FD72389600F73A6E3C@new_iron.vigilantminds.com> From: brian.dinello at vigilantminds.com (Brian Dinello) Subject: Spam with PGP My personal favorite is the 'message embedded in an html table' trick where every letter in the email is in its own cell in a table like this: <pre> <table cellpaddig=0 cellspacing=0> <tr> <td> H </td> <td> e </td> <td> l </td> <td> l </td> <td> o </td> </tr> </table> </pre> This defeats almost every type of spam blocking app made today. Even if html tags are stripped. When the message is rendered in an html capable browser, it is human readable. Very sneaky! Brian Dinello, CISSP Senior Security Consultant -----Original Message----- From: Security Administrator [mailto:security@...aru.com] Sent: Tuesday, October 07, 2003 9:22 AM To: Lan Guy Cc: full-disclosure@...ts.netsys.com Subject: Re: [Full-Disclosure] Spam with PGP I remember hearing this is another method for bypassing spam filters. Apparently some filters will pass e-mail with PGP signatures thinking it is legitimate. It is an interesting concept, though. I think my favorite is still the jpgin an html enabled e-mail with seemingly valid information and links that is actually a link to an xss or pr0n site. Spammers are starting to use better methodologies and soon filtering options will be almost impossible. I find it amusing to see what they will do next, though. -William ######################### security@...aru.com I'm nobody, yet.. ######################### On Tue, 7 Oct 2003, Lan Guy wrote: > I just got this piece of Spam, with a PGP signature! > Lan Guy > ----- Original Message ----- > From: <mhz2H4@...cast.com> > To: "sackMail" <> > Sent: Tuesday, October 07, 2003 12:30 PM > Subject: l, i didnt know you could put that up there , h l t > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: Q5 > > > > The following is your information. This info will make you a > > happier person. If it does not make you a happier person maybe you > > need to get out more. > > > > > > What was that thing she put up inside; > > > > > > http://200.206.184.201:8040/11/cgi/spind.pl?h=fi.dat&p=1a&lah=sq3ycn > > > > > > > > 2_._._._7 > > > > 1) Switch your email options; > > 3) http://200.206.184.201:8040/11/r2.html > > > > > > > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.0.2 (GNU/Linux) > > > > owsejfoiewur9834u9u3j4ojdflsejflkiew934udfo3i > > sfdpo32i09rediwoejdolwesdnlfklksdjfj3409jldsfdk > > sdnok3peodkpo3kdpo3kdnlaskdnlsakdnlwkd0-9 > > sfdpo32i09redswoejdolwesdnlfklksdjfj3409jlddfdk > > sdlnkfsdk.fv,fe > > -----END PGP SIGNATURE----- > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists