[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <BANLkTikKDcj3ScfAdsKpLSGwL1qhh-397g@mail.gmail.com>
Date: Sat, 11 Jun 2011 20:49:09 -0400
From: Jeffrey Walton <noloader@...il.com>
To: adam <adam@...sy.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: POC for a simple gmail/possible code
injection into html wich can be executed in an email,
i will make the PoC code and explain how here and now...
On Sat, Jun 11, 2011 at 8:45 PM, adam <adam@...sy.net> wrote:
> Somehow, I seriously doubt that.
> The point is, broken English or not - this has to be the most laughable PoC
> I've ever seen. He originally insists that this is a problem related to (web
> based?) mail providers (which would lead anyone to believe is server
> related) and then turns around and begins referencing external libraries
> (that he can't even name?).
> Lastly, before diving face first into his ass - you should have probably
> performed a Google search. I'll give you a hint, he's not located in some
> third world country.
Too funny.... Location is distinct from native tongue.
http://www.collegehumor.com/video/5817726/internet-bridge-troll
Jeff
> On Sat, Jun 11, 2011 at 7:30 PM, Jeffrey Walton <noloader@...il.com> wrote:
>>
>> On Sat, Jun 11, 2011 at 8:13 PM, adam <adam@...sy.net> wrote:
>> > When the English version becomes available, please let me know.
>> I'd bet secn3t's english is better than your speaking his native
>> tongue....
>>
>> > On Sat, Jun 11, 2011 at 7:02 PM, -= Glowing Doom =- <secn3t@...il.com>
>> > wrote:
>> >>
>> >> Systems wich appear vulnerable: EVERY single one i have tried...
>> >>
>> >> How:
>> >>
>> >> I wrote that sentecne, then, i backspaced it and blacked it over with
>> >> copy
>> >> , then, enter url to wherver i want...
>> >> There is 3 ways i have found todo this, when i dissected one of them,
>> >> the
>> >> URL/Sentence, was gfull of x41\x41\x41 , very strange... because it is
>> >> still
>> >> able to be done 3 ways, and the simplest way does NOT require even html
>> >> 'link' to section, wich is what MST be done, altho on older emailer
>> >> systems,
>> >> I see that it is simple as backspace over the sentence,then type the
>> >> url, it
>> >> a'appears' at first , to be a normal deleted sentence, but when I open
>> >> and
>> >> dissect, it shows URL/41/41/41 then all over the email page, same thing
>> >> ...
>> >> I know this might be confusing, I traced the problem to a dll or lib
>> >> wich
>> >> is for text editing , and that dll is a VERY common one on any system,
>> >> sofar
>> >> not one mailing system, has NOT had this vuln... yet, i have seen
>> >> another
>> >> 'version' of this attack type, but, they can ONLY spoof a URL... This
>> >> one,
>> >> you can make the whole email, a url... i will do this right now..
>> >>
>> >> [SNIP]
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists