| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <75e2d90c05060410461a2c1fec@mail.gmail.com>
Date: Sat Jun 4 19:48:19 2005
From: eierkoek at gmail.com (Alex de Vries)
Subject: Hotmail security flaw
I have found a security hole in hotmail that allows me to view
somebody's email inbox and do everything possible as it was your own
e-mail inbox. All that needs to be done is send that user an a-mail
message and persuade him to open an internet site (that has been
uploaded by the attacker). This flaw works because of an XSS (Cross
Site Scripting) vulnerability in the msn website. This allows the
attacker to log the cookie of the victim.
It's not a JavaScript injection on the site of hotmail itself, so
it's not possible to see if the url is malicious or not.
I have send Microsoft an e-mail message explaining the exploit and the
problems it can cause.
I have successfully tested this method multiple times on a legal way.
When I was convinced the exploit was fully working I wrote a tutorial
about it.
The XSS exploit exists in one of MSN sub domains
http://ilovemessenger.msn.com/ . To prove it's existence you could go
to the following url (including the last single quote):
http://ilovemessenger.msn.com/?mkt=nl-nl');alert(document.cookie);escape('
If the exploit is still working you will see a popup containing your
current cookie.
The tutorial I have written can be shown at :
http://www.net-force.nl/files/articles/hotmail_xss/
The exploit is discovered, and the tutorial has been written by:
Alex de Vries, on http://www.net-force.nl known as "Eierkoek".
eierkoek@...-force.nl
Powered by blists - more mailing lists