[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] IE8 img tag HiJacking

To: Dan Kaminsky <dan@xxxxxxxxxxx>
Subject: Re: [Full-disclosure] IE8 img tag HiJacking
From: T Biehn <tbiehn@xxxxxxxxx>
Date: Thu, 22 Apr 2010 14:43:27 -0400

Hey, you actually posted information! Congrats!
Did you learn about this 'information channel' from your numerous 'blackhat'
friends?

-Travis

On Apr 22, 2010 2:17 PM, "Dan Kaminsky" <dan@xxxxxxxxxxx> wrote:

Also, Billy Hoffman has done a lot of fun work in this space, see
http://www.gnucitizen.org/blog/javascript-remoting-dangers/

2010/4/22 Dan Kaminsky <dan@xxxxxxxxxxx>:

> Interesting use, using filesize to back into the actual CAPTCHA used for a
> given query.  Sneaky!...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] IE8 img tag HiJacking
  - From: Владимир Воронцов
- Re: [Full-disclosure] IE8 img tag HiJacking
  - From: T Biehn
- Re: [Full-disclosure] IE8 img tag HiJacking
  - From: Dan Kaminsky
- Re: [Full-disclosure] IE8 img tag HiJacking
  - From: Dan Kaminsky

Prev by Date: Re: [Full-disclosure] IE8 img tag HiJacking
Next by Date: Re: [Full-disclosure] IE8 img tag HiJacking
Previous by thread: Re: [Full-disclosure] IE8 img tag HiJacking
Next by thread: Re: [Full-disclosure] IE8 img tag HiJacking
Index(es):
- Date
- Thread