Message-ID: <20051006224701.GS6095@clanspum.net>
Date: Thu Oct  6 23:47:09 2005
From: houdini+full-disclosure at clanspum.net (Bill Weiss)
Subject: Interesting idea for a covert channel or I just didn't research enough?

Frank Knobbe(frank@...bbe.us)@Thu, Oct 06, 2005 at 04:53:19PM -0500:
> On Thu, 2005-10-06 at 16:52 -0400, Michael Holstein wrote:
> > Webbugs, which use unique URLs under an <IMG> tag, are an excellent 
> > example of using logfiles to <DO STUFF>.
> 
> Except that "vi", "less" or "notepad" don't import anything. 
> 
> You're not looking at your log files with a web browser, are you??

He was referring not to the log viewer executing something, but
transmission of data to the server containing the URL (stored in their
logs).

A common spammer trick, used also in more legit ways, is to send an email
with an image in it.  The image is actually a CGI script that takes a
parameter, logs it, then kicks out an image.  "Webbugs" tend to be 1px
square, and possibly transparent.  Using this can automate testing if
email addresses are valid (by sending each address a different unique
tracking URL).

-- 
Bill Weiss
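
Added example, not part of the original post: a mail-filter-side check that flags likely webbugs in an HTML message body, using the traits described above (a remotely fetched image, 1px square or hidden, whose URL carries a parameter). The function names and the sample HTML, including the tracker.example and news.example hosts, are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl

class _ImgCollector(HTMLParser):
    """Collect the attributes of every <img> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.images = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            self.images.append({k: (v or "") for k, v in attrs})

def _tiny(value):
    """True for a width/height of 0 or 1 pixel ("0", "1", "1px")."""
    return re.fullmatch(r"\s*[01]\s*(px)?\s*", value, re.I) is not None

def find_web_bugs(html):
    """Return (url, reasons) for each remote <img> that looks like a webbug."""
    parser = _ImgCollector()
    parser.feed(html)
    findings = []
    for img in parser.images:
        src = img.get("src", "")
        parts = urlsplit(src)
        if parts.scheme not in ("http", "https"):
            continue  # cid:/data: images travel with the mail; nothing is fetched
        reasons = []
        if _tiny(img.get("width", "")) and _tiny(img.get("height", "")):
            reasons.append("1px-square")
        style = img.get("style", "").replace(" ", "").lower()
        if "display:none" in style or "visibility:hidden" in style:
            reasons.append("hidden")
        # A query string on an invisible image is where a per-recipient
        # token would ride into the sender's web server log.
        if reasons and parse_qsl(parts.query):
            reasons.append("query-parameter")
        if reasons:
            findings.append((src, reasons))
    return findings

# Constructed sample body: an inline logo, a normal banner, and a webbug.
SAMPLE_HTML = """<html><body>
<img src="cid:logo@mail" width="120" height="40">
<img src="http://news.example/banner.png" width="600" height="200">
<img src="http://tracker.example/cgi-bin/pixel.cgi?id=a1b2c3" width="1" height="1">
</body></html>"""

if __name__ == "__main__":
    for url, reasons in find_web_bugs(SAMPLE_HTML):
        print(url, ", ".join(reasons))
```

Mail clients that do not load remote images by default never make the request, so nothing reaches the sender's log.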
