
Re: [Full-disclosure] POC for a simple gmail/possible code injection into html wich can be executed in an email, i will make the PoC code and explain how here and now...



I guess we're right back to being idiotic.

Either way, Christian, you may want to be careful. When this guy isn't busy
releasing ground-breaking, never-before-seen full disclosures, he's hacking
people off the internet:

http://ryan1918.com/viewtopic.php?f=2&t=1946


On Sat, Jun 11, 2011 at 7:57 PM, -= Glowing Doom =- <secn3t@xxxxxxxxx> wrote:

> LOL!!
> That made my day!
>
> Thank you... That is the BEST description of 'adam' I could have watched...
> and so true... I am actually in hysterics when I saw this.
> Unfortunately, some people have to pick on the smallest things (as I had
> said, I am in work, and, yes, am rushing things a bit even now); however, I am
> going to keep that link and remember to watch it every time an Adam comes
> along :)
> Thank you Jeffrey :)
> xd / Dru
>
>
>
>
> On 12 June 2011 10:49, Jeffrey Walton <noloader@xxxxxxxxx> wrote:
>
>> On Sat, Jun 11, 2011 at 8:45 PM, adam <adam@xxxxxxxxx> wrote:
>> > Somehow, I seriously doubt that.
>> > The point is, broken English or not - this has to be the most laughable PoC
>> > I've ever seen. He originally insists that this is a problem related to (web
>> > based?) mail providers (which would lead anyone to believe is server
>> > related) and then turns around and begins referencing external libraries
>> > (that he can't even name?).
>> > Lastly, before diving face first into his ass - you should have probably
>> > performed a Google search. I'll give you a hint, he's not located in some
>> > third world country.
>> Too funny.... Location is distinct from native tongue.
>> http://www.collegehumor.com/video/5817726/internet-bridge-troll
>>
>> Jeff
>>
>> > On Sat, Jun 11, 2011 at 7:30 PM, Jeffrey Walton <noloader@xxxxxxxxx> wrote:
>> >>
>> >> On Sat, Jun 11, 2011 at 8:13 PM, adam <adam@xxxxxxxxx> wrote:
>> >> > When the English version becomes available, please let me know.
>> >> I'd bet secn3t's English is better than your speaking his native
>> >> tongue....
>> >>
>> >> > On Sat, Jun 11, 2011 at 7:02 PM, -= Glowing Doom =- <secn3t@xxxxxxxxx> wrote:
>> >> >>
>> >> >> Systems which appear vulnerable: EVERY single one I have tried...
>> >> >>
>> >> >> How:
>> >> >>
>> >> >> I wrote that sentence, then, I backspaced it and blacked it over with
>> >> >> copy, then, enter url to wherever I want...
>> >> >> There are 3 ways I have found to do this, when I dissected one of them,
>> >> >> the URL/Sentence was full of x41\x41\x41, very strange... because it is
>> >> >> still able to be done 3 ways, and the simplest way does NOT require even
>> >> >> html 'link' to section, which is what MUST be done, although on older
>> >> >> emailer systems, I see that it is simple as backspace over the sentence,
>> >> >> then type the url, it 'appears' at first to be a normal deleted sentence,
>> >> >> but when I open and dissect, it shows URL/41/41/41 then all over the
>> >> >> email page, same thing...
>> >> >> I know this might be confusing, I traced the problem to a dll or lib
>> >> >> which is for text editing, and that dll is a VERY common one on any
>> >> >> system, so far not one mailing system has NOT had this vuln... yet, I
>> >> >> have seen another 'version' of this attack type, but, they can ONLY
>> >> >> spoof a URL... This one, you can make the whole email a url... I will do
>> >> >> this right now..
>> >> >>
>> >> >> [SNIP]
>> >>
>> >> _______________________________________________
>> >> Full-Disclosure - We believe in it.
>> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> >> Hosted and sponsored by Secunia - http://secunia.com/
>> >
>> >
>>
>>
>
>