Mishi
Sunday, December 1, 2002 you wrote:
> The link that you sent me did not explain what I am asking for. Let
> me explain my question a bit more: Suppose there is a virtual domain
> called abcvirtual.com on a server called xyzserver.com. When a user
> logs in to the server using Imail port 8383 then Imail creates a
> bunch of security character strings like :
> http://xyzserver.com:8383/Xade9939bcc9fcf9aee8571e9/menu.63104.cgi?mbx=Main
> What I am trying to figure out is what holds/creates the string :
> Xade9939bcc9fcf9aee8571e9
Oh, I did misunderstand. I do not believe that the session id is
well known. It is certainly not documented in so far as I know and
I've never seen a hack described. There have been vulnerabilities
described to acquire someone's session id but all I know presuppose
the existence of the id. Since the IMAIL password has been hacked
and described I suspect the session id has not been or it would also
be described somewhere.
Therefore, I suspect your most promising path of exploration is to
attempt to modify the templates after the session is created. See
these links for aid on customizing web messaging templates and the
special tags you can use:
http://support.ipswitch.com/kb/IM-20000615-DM01.htm
http://support.ipswitch.com/kb/IM-20010928-DM01.htm
http://www.ipswitch.com/support/IMail/guide/imailug7.1/Appendix%20H%20cal_templates5.html
I know this is not answering your question but maybe it will help.
Terry Fritts
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
