lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <BANLkTi=K_rHioGpQYgJ4saFKjMXQiE0FDQ@mail.gmail.com>
Date: Sun, 12 Jun 2011 11:04:16 +1000
From: "-= Glowing Doom =-" <secn3t@...il.com>
To: adam <adam@...sy.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: POC for a simple gmail/possible code
 injection into html wich can be executed in an email,
 i will make the PoC code and explain how here and now...

wow... you visit sduch GREAT websites :)
hehe... i think you have said enough for yourself...


On 12 June 2011 11:02, adam <adam@...sy.net> wrote:

> I guess we're right back to being idiotic.
>
> Either way, Christian, you may want to be careful. When this guy isn't busy
> releasing ground-breaking, never-before-seen full disclosures, he's hacking
> people off the internet:
>
> http://ryan1918.com/viewtopic.php?f=2&t=1946
>
>
> On Sat, Jun 11, 2011 at 7:57 PM, -= Glowing Doom =- <secn3t@...il.com>wrote:
>
>> LOL!!
>> That made my day!
>>
>> Thankyu... That is the BEST description, of 'adam' I could have watched...
>> and, so true... i am actually in hysterics when i saw this.
>> unfortunately, some people have to pick on the smallest things, (as i had
>> said, i am in work, and, yes, am rushing things abit even now, however, I am
>> going to keep that link and, remember to watch it eveytime an Adam comes
>> along :)
>> Thankyou Jeffrey :)
>> xd / Dru
>>
>>
>>
>>
>> On 12 June 2011 10:49, Jeffrey Walton <noloader@...il.com> wrote:
>>
>>> On Sat, Jun 11, 2011 at 8:45 PM, adam <adam@...sy.net> wrote:
>>> > Somehow, I seriously doubt that.
>>> > The point is, broken English or not - this has to be the most laughable
>>> PoC
>>> > I've ever seen. He originally insists that this is a problem related to
>>> (web
>>> > based?) mail providers (which would lead anyone to believe is server
>>> > related) and then turns around and begins referencing external
>>> libraries
>>> > (that he can't even name?).
>>> > Lastly, before diving face first into his ass - you should have
>>> probably
>>> > performed a Google search. I'll give you a hint, he's not located in
>>> some
>>> > third world country.
>>> Too funny.... Location is distinct from native tongue.
>>> http://www.collegehumor.com/video/5817726/internet-bridge-troll
>>>
>>> Jeff
>>>
>>> > On Sat, Jun 11, 2011 at 7:30 PM, Jeffrey Walton <noloader@...il.com>
>>> wrote:
>>> >>
>>> >> On Sat, Jun 11, 2011 at 8:13 PM, adam <adam@...sy.net> wrote:
>>> >> > When the English version becomes available, please let me know.
>>> >> I'd bet secn3t's english is better than your speaking his native
>>> >> tongue....
>>> >>
>>> >> > On Sat, Jun 11, 2011 at 7:02 PM, -= Glowing Doom =- <
>>> secn3t@...il.com>
>>> >> > wrote:
>>> >> >>
>>> >> >> Systems wich appear vulnerable: EVERY single one i have tried...
>>> >> >>
>>> >> >> How:
>>> >> >>
>>> >> >> I wrote that sentecne, then, i backspaced it and blacked it over
>>> with
>>> >> >> copy
>>> >> >> , then, enter url to wherver i want...
>>> >> >> There is 3 ways i have found todo this, when i dissected one of
>>> them,
>>> >> >> the
>>> >> >> URL/Sentence, was gfull of x41\x41\x41 , very strange... because it
>>> is
>>> >> >> still
>>> >> >> able to be done 3 ways, and the simplest way does NOT require even
>>> html
>>> >> >> 'link' to section, wich is what MST be done, altho on older emailer
>>> >> >> systems,
>>> >> >> I see that it is simple as backspace over the sentence,then type
>>> the
>>> >> >> url, it
>>> >> >> a'appears' at first , to be a normal deleted sentence, but when I
>>> open
>>> >> >> and
>>> >> >> dissect, it shows URL/41/41/41 then all over the email page, same
>>> thing
>>> >> >> ...
>>> >> >> I know this might be confusing,  I traced the problem to a dll or
>>> lib
>>> >> >> wich
>>> >> >> is for text editing , and that dll is a VERY common one on any
>>> system,
>>> >> >> sofar
>>> >> >> not one mailing system, has NOT had this vuln... yet, i have seen
>>> >> >> another
>>> >> >> 'version' of this attack type, but, they can ONLY spoof a URL...
>>> This
>>> >> >> one,
>>> >> >> you can make the whole email, a url... i will do this right now..
>>> >> >>
>>> >> >> [SNIP]
>>> >>
>>> >> _______________________________________________
>>> >> Full-Disclosure - We believe in it.
>>> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> >> Hosted and sponsored by Secunia - http://secunia.com/
>>> >
>>> >
>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>>
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ