[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Interesting idea for a covert channel or I just didn't research enough?

Frank Knobbe(frank@xxxxxxxxx)@Thu, Oct 06, 2005 at 04:53:19PM -0500:
> On Thu, 2005-10-06 at 16:52 -0400, Michael Holstein wrote:
> > Webbugs, which use unique URLs under an <IMG> tag, are an excellent 
> > example of using logfiles to <DO STUFF>.
> 
> Except that "vi", "less" or "notepad" don't import anything. 
> 
> You're not looking at your log files with a web browser, do you??

He was referring not to the log viewer executing something, but
transmission of data to the server containing the URL (stored in their
logs).

A common spammer trick, used also in more legit ways, is to send an email
with an image in it.  The image is actually a CGI script that takes a
parameter, logs it, then kicks out an image.  "Webbugs" tend to be 1px
square, and possibly transparent.  Using this can automate testing if
email addresses are valid (by sending each address a different unique
tracking URL).

-- 
Bill Weiss

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/