| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040512172248.GW15373@aaronp.com> From: sith at sithender.com (sith@...hender.com) Subject: leaking On Wed, May 12, 2004 at 10:16:23AM -0500, Alerta Redsegura wrote: > I am really curious to know how you can collect e-mail addresses from a > plain image fed from a website shown on an e-mail. > > IP, yes. User-agent, yes. But e-mail addresses??? You don't _collect_ email addresses (they obviously already have it if they are sending you email with it, ;) But you can verify email addresses with it. The easiest would be to put a hash or some other identifier of the users email address in the url for the image, then have mod_rewrite rewrite the url (or not, who cares... you just wanted to verify the email address was good) to an actual image on your system, and log the embeded info and compare to your known addresses. Aaron Peterson
Powered by blists - more mailing lists